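/**
 * AJAX entry point: for act=copy_from_template_zones, prints a JSON list of the
 * sections and textual properties of the template named in the request, then
 * terminates the request.
 *
 * Each list entry is array('type' => 'section'|'property', 'code' => ..., 'title' => ...).
 * Any other (or missing) 'act' value is ignored and the function returns null.
 *
 * NOTE(review): $_REQUEST['template'] is handed to template::load() unvalidated, and no
 * permission or anti-CSRF check is visible here. Confirm both are enforced by load()
 * and by the caller.
 *
 * @return void
 */
function run()
{
    global $theme;

    // strict comparison and a null default: a missing 'act' no longer raises a notice
    if (($_REQUEST['act'] ?? null) !== 'copy_from_template_zones') {
        return;
    }

    $template = new template();
    $template->load($_REQUEST['template'] ?? null);

    $zones = array();

    foreach (($template->sections ?? array()) as $section) {
        $title = $theme->t($section['name']);
        if ($title === '#main#') {
            // placeholder name used for the main content section
            $title = t(238, 'Main content');
        }
        $zones[] = array('type' => 'section', 'code' => $section['code'], 'title' => $title);
    }

    foreach (($template->properties ?? array()) as $property) {
        // ignore non-textual properties (strict match, so a non-string type never passes)
        if (!in_array($property->type, array("text", "textarea", "rich_textarea"), true)) {
            continue;
        }
        $zones[] = array('type' => 'property', 'code' => $property->id, 'title' => $theme->t($property->name));
    }

    echo json_encode($zones);
    core_terminate();
}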
/**
 * Dispatches the grid-note AJAX actions selected by the 'act' request parameter.
 *
 * Every recognised action forwards raw $_REQUEST values to a grid_notes static
 * method, echoes the result where there is one and calls core_terminate().
 * Unknown or missing actions fall through and an empty string is returned.
 *
 * NOTE(review): 'object', 'id', 'comment' and 'background' reach grid_notes
 * unvalidated, and no permission or anti-CSRF check is visible in this function.
 * Confirm that grid_notes and the caller take care of escaping and authorisation.
 *
 * @return string always '' (output is echoed, not returned)
 */
function run()
{
    $result = '';
    $action = $_REQUEST['act'] ?? null;

    if ($action == 'grid_note_background') {
        grid_notes::background($_REQUEST['object'], $_REQUEST['id'], $_REQUEST['background']);
        core_terminate();
    } elseif ($action == 'grid_notes_comments') {
        $comments = grid_notes::comments($_REQUEST['object'], $_REQUEST['id'], false);
        echo json_encode($comments);
        core_terminate();
    } elseif ($action == 'grid_notes_add_comment') {
        echo grid_notes::add_comment(
            $_REQUEST['object'],
            $_REQUEST['id'],
            $_REQUEST['comment'],
            $_REQUEST['background']
        );
        core_terminate();
    } elseif ($action == 'grid_note_remove') {
        echo grid_notes::remove($_REQUEST['id']);
        core_terminate();
    }

    return $result;
}
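/**
 * Executes a Navigate CMS function taking the 'fid' url parameter
 * fid can be the name of the package (e.g. "dashboard") or its numeric assignment (e.g. "6")
 * note: if no "fid" is found, then loads the first available menu function
 *
 * The package file lib/packages/<codename>/<codename>.php is included inside this
 * function's scope and its run() function provides the output.
 *
 * Security notes:
 *  - 'fid' comes straight from the request, so it is HTML-escaped before being placed
 *    in the "has not been found" message.
 *  - The include path is built from the codename returned by core_load_function();
 *    a codename holding a path separator, a NUL byte or a dot-directory name is
 *    never included.
 *
 * @return mixed Navigate CMS package output
 */
function core_run()
{
    // kept in scope on purpose: the included package file runs inside this function's scope
    global $layout;
    global $menu_layout;

    $content = "";
    $fid = 'dashboard'; // default function

    // only scalar values are accepted; an array (fid[]=...) keeps the default
    if (isset($_REQUEST['fid']) && is_scalar($_REQUEST['fid'])) {
        $fid = (string) $_REQUEST['fid'];
    }

    $f = core_load_function($fid);

    if (empty($f) && ($fid == "dashboard" || empty($fid))) {
        // load first function available
        $fid = $menu_layout->menus[0]->items[0]->codename;
        if (empty($fid)) {
            $fid = "unknown";
        } else {
            header('location: ' . NAVIGATE_MAIN . '?fid=' . rawurlencode($fid));
            core_terminate();
        }
    }

    // $f is empty when the function could not be resolved; avoid reading a property of it
    $codename = empty($f) ? '' : (string) $f->codename;

    // the codename must be a plain directory/file name, never a path
    $is_plain_name = $codename !== ''
        && $codename !== '.'
        && $codename !== '..'
        && strpbrk($codename, "/\\\0") === false;

    $package_file = 'lib/packages/' . $codename . '/' . $codename . '.php';

    if ($is_plain_name && file_exists($package_file)) {
        include $package_file;
        $content = run();
    } else {
        $escape = static function ($value) {
            return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        };
        $content = 'function ' . $escape($fid) . ': <strong>' . $escape($codename) . '</strong> has not been found!';
    }

    return $content;
}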
/**
 * AJAX entry point for the permissions grid.
 *
 * For act=list it reads the paging parameters and the object reference from the
 * request, fetches the rows with nvweb_permissions_rows() and prints them through
 * navitable::jqgridJson() before terminating. Other actions do nothing.
 *
 * NOTE(review): 'object' is passed on as received (the numeric parameters are cast
 * to int). Confirm that nvweb_permissions_rows() validates it, and that the caller
 * checks the user's permissions.
 *
 * @return void
 */
function run()
{
    global $DB;

    $action = $_REQUEST['act'] ?? null;
    if ($action != 'list') {
        return;
    }

    $object_type = $_REQUEST['object'];

    // numeric request parameters are forced to integers
    $page = (int) $_REQUEST['page'];
    $max = (int) $_REQUEST['rows'];
    $object_id = (int) $_REQUEST['object_id'];
    $ws_id = (int) $_REQUEST['website'];

    $offset = $max * ($page - 1);

    $rows = nvweb_permissions_rows($ws_id, $object_type, $object_id);
    $total = count($rows);

    navitable::jqgridJson($rows, $page, $offset, $max, $total);
    core_terminate();
}
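/**
 * Controller for the "blocks" package: dispatches on the 'act' request parameter.
 *
 * JSON/AJAX actions echo their response and end the request (exit / core_terminate());
 * form and list actions return the HTML built by the blocks_* / block_group_* helpers.
 *
 * Hardening applied in this function:
 *  - the jqGrid sort parameters (sidx / sord) are validated before they are used in an
 *    ORDER BY clause or passed to the list helpers, because ORDER BY fragments cannot
 *    be bound as query parameters;
 *  - ids received for bulk deletion are cast to integers, as the single-item actions do;
 *  - result arrays are initialised, so an empty result set no longer reaches count()
 *    or jqgridJson() as an undefined variable.
 *
 * NOTE(review): no permission or anti-CSRF check is visible in this function although
 * several actions delete or modify data based on $_REQUEST alone. Confirm that the
 * caller enforces both.
 * NOTE(review): the escaping done by navitable::jqgridsearch(), navitable::jqgridcompare(),
 * block::quicksearch() and protect() is not visible here. Confirm they quote their input.
 *
 * @return mixed HTML output of the selected view (nothing for the JSON actions)
 * @throws Exception when the blocks list query fails
 */
function run()
{
    global $layout;
    global $DB;
    global $website;
    $out = '';
    $item = new block();

    // Accepts a sort column list ("col", "t.col", "col asc, other") and a direction keyword.
    // Valid input is returned unchanged; anything else is replaced by the given fallback column
    // and by 'asc'. An empty direction is passed through as it was.
    $safe_sort = static function ($sidx, $sord, $fallback_sidx) {
        $column_list = '/^[A-Za-z0-9_.]+(\s+(asc|desc))?(\s*,\s*[A-Za-z0-9_.]+(\s+(asc|desc))?)*\z/i';
        if (!is_string($sidx) || !preg_match($column_list, $sidx)) {
            $sidx = $fallback_sidx;
        }
        if (!is_string($sord) || !in_array(strtolower($sord), array('', 'asc', 'desc'), true)) {
            $sord = 'asc';
        }
        return array($sidx, $sord);
    };

    switch ($_REQUEST['act'] ?? null) {
        case 'json':
        case 1:
            // json data retrieval & operations
            switch ($_REQUEST['oper'] ?? null) {
                case 'del':
                    // remove rows
                    $ids = (array) ($_REQUEST['ids'] ?? array());
                    foreach ($ids as $id) {
                        $item->load(intval($id));
                        $item->delete();
                    }
                    echo json_encode(true);
                    break;
                default:
                    // list or search
                    // translation of request search & order fields
                    // (acts as a whitelist: unknown field names fall back to b.date_modified)
                    switch ($_REQUEST['searchField'] ?? null) {
                        case 'id':
                            $_REQUEST['searchField'] = 'b.id';
                            break;
                        case 'type':
                            $_REQUEST['searchField'] = 'b.type';
                            break;
                        case 'title':
                            $_REQUEST['searchField'] = 'd.text';
                            break;
                        case 'category':
                            $_REQUEST['searchField'] = 'b.category';
                            break;
                        case 'dates':
                            $_REQUEST['searchField'] = 'b.date_published';
                            break;
                        case 'enabled':
                            $_REQUEST['searchField'] = 'b.enabled';
                            break;
                        case 'date_modified':
                        default:
                            $_REQUEST['searchField'] = 'b.date_modified';
                    }
                    if (($_REQUEST['sidx'] ?? null) == 'dates') {
                        $_REQUEST['sidx'] = 'b.date_published';
                    }
                    $page = intval($_REQUEST['page']);
                    $max = intval($_REQUEST['rows']);
                    $offset = ($page - 1) * $max;
                    // sidx / sord are concatenated into the query below, so only a plain
                    // column list and asc/desc are accepted
                    list($sidx, $sord) = $safe_sort($_REQUEST['sidx'] ?? '', $_REQUEST['sord'] ?? '', 'b.date_modified');
                    $orderby = $sidx . ' ' . $sord;
                    $where = " 1=1 ";
                    if (($_REQUEST['_search'] ?? '') == 'true' || isset($_REQUEST['quicksearch'])) {
                        if (isset($_REQUEST['quicksearch'])) {
                            $where .= $item->quicksearch($_REQUEST['quicksearch']);
                        } else {
                            if (isset($_REQUEST['filters'])) {
                                $where .= navitable::jqgridsearch($_REQUEST['filters']);
                                // special case
                                if (strpos($where, 'title LIKE') !== false) {
                                    $where = substr_replace($where, 'd.text', strpos($where, 'title LIKE'), 5);
                                }
                            } else {
                                // single search
                                $where .= ' AND ' . navitable::jqgridcompare($_REQUEST['searchField'], $_REQUEST['searchOper'], $_REQUEST['searchString']);
                            }
                        }
                    }
                    // $website->id and $website->languages_list come from the loaded website
                    // object, $max / $offset are integers (see intval above)
                    $sql = ' SELECT SQL_CALC_FOUND_ROWS b.*, d.text as title 
							   FROM nv_blocks b
						  LEFT JOIN nv_webdictionary d
						  		 	 ON b.id = d.node_id
								 	AND d.node_type = "block"
									AND d.subtype = "title"
									AND d.lang = "' . $website->languages_list[0] . '"
									AND d.website = ' . $website->id . '
							  WHERE ' . $where . '
							    AND b.website = ' . $website->id . ' 
						   ORDER BY ' . $orderby . ' 
							  LIMIT ' . $max . '
							 OFFSET ' . $offset;
                    if (!$DB->query($sql, 'array')) {
                        throw new Exception($DB->get_last_error());
                    }
                    $dataset = $DB->result();
                    $total = $DB->foundRows();
                    // map each block type key (code for numeric ids, id otherwise) to its title
                    $block_types_list = array();
                    foreach (block::types() as $block_type) {
                        if (is_numeric($block_type['id'])) {
                            $block_types_list[$block_type['code']] = $block_type['title'];
                        } else {
                            $block_types_list[$block_type['id']] = $block_type['title'];
                        }
                    }
                    $dataset = grid_notes::summary($dataset, 'block', 'id');
                    // access level icons; built once, they do not depend on the row
                    $access = array(0 => '<img src="img/icons/silk/page_white_go.png" align="absmiddle" title="' . t(254, 'Everybody') . '" />', 1 => '<img src="img/icons/silk/lock.png" align="absmiddle" title="' . t(361, 'Web users only') . '" />', 2 => '<img src="img/icons/silk/user_gray.png" align="absmiddle" title="' . t(363, 'Users who have not yet signed up or signed in') . '" />', 3 => '<img src="img/icons/silk/group_key.png" align="absmiddle" title="' . t(512, "Selected web user groups") . '" />');
                    // we need to format the values and retrieve the needed strings from the dictionary
                    $out = array();
                    for ($i = 0; $i < count($dataset); $i++) {
                        if (empty($dataset[$i])) {
                            continue;
                        }
                        if (empty($dataset[$i]['date_published'])) {
                            $dataset[$i]['date_published'] = '&infin;';
                        } else {
                            $dataset[$i]['date_published'] = core_ts2date($dataset[$i]['date_published'], false);
                        }
                        if (empty($dataset[$i]['date_unpublish'])) {
                            $dataset[$i]['date_unpublish'] = '&infin;';
                        } else {
                            $dataset[$i]['date_unpublish'] = core_ts2date($dataset[$i]['date_unpublish'], false);
                        }
                        if ($dataset[$i]['category'] > 0) {
                            $dataset[$i]['category'] = $DB->query_single('text', 'nv_webdictionary', ' 	node_type = "structure" AND
                                    node_id = "' . $dataset[$i]['category'] . '" AND
                                    subtype = "title" AND
                                    lang = "' . $website->languages_list[0] . '"
                                ');
                        }
                        // NOTE(review): the stored title is placed into the grid HTML as is;
                        // confirm whether titles may contain markup or should be escaped here
                        $out[$i] = array(0 => $dataset[$i]['id'], 1 => $block_types_list[$dataset[$i]['type']], 2 => '<div class="list-row" data-enabled="' . $dataset[$i]['enabled'] . '">' . $dataset[$i]['title'] . '</div>', 3 => $dataset[$i]['date_published'] . ' - ' . $dataset[$i]['date_unpublish'], 4 => $access[$dataset[$i]['access']], 5 => $dataset[$i]['enabled'] == 1 ? '<img src="img/icons/silk/accept.png" />' : '<img src="img/icons/silk/cancel.png" />', 6 => $dataset[$i]['_grid_notes_html']);
                    }
                    navitable::jqgridJson($out, $page, $offset, $max, $total);
                    break;
            }
            session_write_close();
            exit;
            break;
        case 'load':
        case 'edit':
        case 2:
            // edit/new form
            if (!empty($_REQUEST['id'])) {
                $item->load(intval($_REQUEST['id']));
            }
            if (isset($_REQUEST['form-sent'])) {
                $item->load_from_post();
                try {
                    $item->save();
                    property::save_properties_from_post('block', $item->id);
                    $id = $item->id;
                    // set block order
                    if (!empty($item->type) && !empty($_REQUEST['blocks-order'])) {
                        block::reorder($item->type, $_REQUEST['blocks-order'], $_REQUEST['blocks-order-fixed']);
                    }
                    // reload the saved block from the database
                    unset($item);
                    $item = new block();
                    $item->load($id);
                    $layout->navigate_notification(t(53, "Data saved successfully."), false, false, 'fa fa-check');
                } catch (Exception $e) {
                    $layout->navigate_notification($e->getMessage(), true, true);
                }
                // NOTE(review): the whole request is written to the users log; confirm that
                // no sensitive field can be part of this form
                users_log::action($_REQUEST['fid'], $item->id, 'save', $item->dictionary[$website->languages_list[0]]['title'], json_encode($_REQUEST));
            } else {
                users_log::action($_REQUEST['fid'], $item->id, 'load', $item->dictionary[$website->languages_list[0]]['title']);
            }
            $out = blocks_form($item);
            break;
        case 'delete':
        case 4:
            // remove
            if (!empty($_REQUEST['id'])) {
                $item->load(intval($_REQUEST['id']));
                if ($item->delete() > 0) {
                    $layout->navigate_notification(t(55, 'Item removed successfully.'), false);
                    $out = blocks_list();
                } else {
                    $layout->navigate_notification(t(56, 'Unexpected error.'), false);
                    $out = blocks_form($item);
                }
                users_log::action($_REQUEST['fid'], $item->id, 'remove', $item->dictionary[$website->languages_list[0]]['title']);
            }
            break;
        case 'path':
        case 5:
            // search an existing path (autocomplete); the search term goes through protect()
            $DB->query('SELECT path as id, path as label, path as value
						  FROM nv_paths
						 WHERE path LIKE ' . protect('%' . $_REQUEST['term'] . '%') . ' 
						   AND website = ' . $website->id . '
				      ORDER BY path ASC
					     LIMIT 10', 'array');
            echo json_encode($DB->result());
            core_terminate();
            break;
        case 'block_groups_list':
            $out = block_groups_list();
            break;
        case 'block_groups_json':
            // block groups: json data retrieval
            $page = intval($_REQUEST['page']);
            $max = intval($_REQUEST['rows']);
            $offset = ($page - 1) * $max;
            // invalid sort input is replaced by an empty column before reaching the helper
            list($sidx, $sord) = $safe_sort($_REQUEST['sidx'] ?? '', $_REQUEST['sord'] ?? '', '');
            list($rs, $total) = block_group::paginated_list($offset, $max, $sidx, $sord);
            $rs = grid_notes::summary($rs, 'block_group', 'id');
            // translate $rs to an array of ordered fields
            $dataset = array();
            foreach ($rs as $row) {
                if (substr($row['blocks'], 0, 2) == 'a:') {
                    // nv < 2.1
                    // NOTE(review): PHP-serialized data read back from the database; this is
                    // only safe while nothing untrusted can write that column. Confirm.
                    $row['blocks'] = mb_unserialize($row['blocks']);
                } else {
                    // nv >= 2.1
                    $row['blocks'] = json_decode($row['blocks'], true);
                }
                $dataset[] = array('id' => $row['id'], 'code' => $row['code'], 'title' => $row['title'], 'blocks' => count($row['blocks']), 'notes' => $row['_grid_notes_html']);
            }
            navitable::jqgridJson($dataset, $page, $offset, $max, $total, 'id');
            session_write_close();
            exit;
            break;
        case 'block_group_edit':
            $item = new block_group();
            if (!empty($_REQUEST['id'])) {
                $item->load(intval($_REQUEST['id']));
            }
            if (isset($_REQUEST['form-sent'])) {
                $item->load_from_post();
                try {
                    $item->save();
                    $layout->navigate_notification(t(53, "Data saved successfully."), false, false, 'fa fa-check');
                } catch (Exception $e) {
                    $layout->navigate_notification($e->getMessage(), true, true);
                }
                users_log::action($_REQUEST['fid'], $item->id, 'save', $item->title, json_encode($_REQUEST));
            } else {
                if (!empty($_REQUEST['id'])) {
                    users_log::action($_REQUEST['fid'], $item->id, 'edit', $item->title);
                }
            }
            $out = block_group_form($item);
            break;
        case 'block_group_delete':
            $item = new block_group();
            if (!empty($_REQUEST['id'])) {
                $item->load(intval($_REQUEST['id']));
                if ($item->delete() > 0) {
                    $layout->navigate_notification(t(55, 'Item removed successfully.'), false);
                    $out = block_groups_list();
                } else {
                    $layout->navigate_notification(t(56, 'Unexpected error.'), false);
                    $out = block_group_form($item);
                }
                users_log::action($_REQUEST['fid'], $item->id, 'remove', $item->title);
            }
            break;
        case 'block_types_list':
            $out = blocks_types_list();
            break;
        case 'block_types_json':
            // block types: json data retrieval
            $page = intval($_REQUEST['page']);
            $max = intval($_REQUEST['rows']);
            $offset = ($page - 1) * $max;
            list($sidx, $sord) = $safe_sort($_REQUEST['sidx'] ?? '', $_REQUEST['sord'] ?? '', '');
            $rs = block::types($sidx, $sord);
            $block_modes = block::modes();
            // translate $rs to an array of ordered fields
            $dataset = array();
            foreach ($rs as $row) {
                $dataset[] = array('id' => $row['id'], 'type' => $block_modes[$row['type']], 'code' => $row['code'], 'title' => $row['title'], 'width' => $row['width'], 'height' => $row['height']);
            }
            $total = count($dataset);
            navitable::jqgridJson($dataset, $page, $offset, $max, $total, 'id');
            session_write_close();
            exit;
            break;
        case 'block_type_edit':
        case 82:
            // edit/create block type
            $item = NULL;
            $position = NULL;
            $max_id = 0;
            $dataset = block::custom_types();
            for ($i = 0; $i < count($dataset); $i++) {
                if ($dataset[$i]['id'] > $max_id) {
                    $max_id = $dataset[$i]['id'];
                }
                if ($dataset[$i]['id'] == $_REQUEST['id']) {
                    $item = $dataset[$i];
                    $position = $i;
                }
            }
            if (empty($item)) {
                $layout->navigate_notification(t(599, "Sorry, can't display a theme block type info."));
                $out = blocks_types_list();
            } else {
                if (isset($_REQUEST['form-sent'])) {
                    // NOTE(review): $item is never empty in this branch, so the "new id"
                    // assignment below cannot run; left as found
                    if (empty($item)) {
                        $item = array('id' => $max_id + 1);
                    }
                    $item['type'] = $_REQUEST['type'];
                    $item['title'] = $_REQUEST['title'];
                    $item['code'] = $_REQUEST['code'];
                    $item['width'] = $_REQUEST['width'];
                    $item['height'] = $_REQUEST['height'];
                    $item['order'] = $_REQUEST['order'];
                    $item['maximum'] = $_REQUEST['maximum'];
                    $item['notes'] = pquotes($_REQUEST['notes']);
                    if (!is_null($position)) {
                        $dataset[$position] = $item;
                    } else {
                        $dataset[] = $item;
                    }
                    try {
                        // save
                        $ok = block::types_update($dataset);
                        $layout->navigate_notification(t(53, "Data saved successfully."), false, false, 'fa fa-check');
                    } catch (Exception $e) {
                        $layout->navigate_notification($e->getMessage(), true, true);
                    }
                }
                $out = blocks_type_form($item);
            }
            break;
        case 'block_type_delete':
        case 84:
            // remove block type
            $dataset = block::custom_types();
            $item = NULL;
            for ($i = 0; $i < count($dataset); $i++) {
                if ($dataset[$i]['id'] == $_REQUEST['id']) {
                    unset($dataset[$i]);
                    break;
                }
            }
            try {
                block::types_update($dataset);
                $layout->navigate_notification(t(55, 'Item removed successfully.'), false);
                $out = blocks_types_list();
            } catch (Exception $e) {
                $out = $layout->navigate_message("error", t(23, 'Blocks'), t(56, 'Unexpected error.'));
            }
            break;
        case 'block_property_load':
            $property = new property();
            if (!empty($_REQUEST['id'])) {
                if (is_numeric($_REQUEST['id'])) {
                    $property->load(intval($_REQUEST['id']));
                } else {
                    // non-numeric ids refer to a property defined by the theme
                    $property->load_from_theme($_REQUEST['id'], null, 'block', $_REQUEST['block']);
                }
            }
            header('Content-type: text/json');
            $types = property::types();
            $property->type_text = $types[$property->type];
            echo json_encode($property);
            session_write_close();
            exit;
            break;
        case 'block_property_save':
            // save property details
            $property = new property();
            if (!empty($_REQUEST['property-id'])) {
                $property->load(intval($_REQUEST['property-id']));
            }
            $property->load_from_post();
            $property->save();
            header('Content-type: text/json');
            $types = property::types();
            $property->type_text = $types[$property->type];
            echo json_encode($property);
            session_write_close();
            exit;
            break;
        case 'block_property_remove':
            // remove property
            $property = new property();
            if (!empty($_REQUEST['property-id'])) {
                $property->load(intval($_REQUEST['property-id']));
            }
            // NOTE(review): delete() also runs when no property-id was given; confirm that
            // deleting an unloaded property is a no-op
            $property->delete();
            session_write_close();
            exit;
            break;
        case 'block_group_block_options':
            $status = null;
            $block_group = $_REQUEST['block_group'];
            $block_code = $_REQUEST['code'];
            $block_uid = $_REQUEST['block_uid'];
            if (isset($_REQUEST['form-sent'])) {
                $status = property::save_properties_from_post('block_group_block', $block_code, $block_group, $block_code, $block_uid);
            }
            $out = block_group_block_options($block_group, $block_code, $block_uid, $status);
            echo $out;
            core_terminate();
            break;
        case 'block_group_extension_block_options':
            $status = null;
            // block_group type
            $block_group = $_REQUEST['block_group'];
            // extension block id (type)
            $block_id = $_REQUEST['block_id'];
            // extension block unique id
            $block_uid = $_REQUEST['block_uid'];
            // extension name
            $block_extension = $_REQUEST['block_extension'];
            if (isset($_REQUEST['form-sent'])) {
                $status = property::save_properties_from_post('extension_block', $block_group, $block_id, null, $block_uid);
            }
            $out = block_group_extension_block_options($block_group, $block_extension, $block_id, $block_uid, $status);
            echo $out;
            core_terminate();
            break;
        case 0:
            // list / search result
        default:
            $out = blocks_list();
            break;
    }
    return $out;
}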
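 /**
  * Creates a ZIP backup of the current website under
  * NAVIGATE_PRIVATE/<website id>/backups/backup-<timestamp>.zip.
  *
  * The archive receives, in this order: a JSON export of every object type listed in
  * $objects (database/<type>.json), the themes folder, the website templates and
  * webgets, the plugins folder and the uploaded files. $this->status is updated and
  * persisted with update() before each stage, and set to 'completed' at the end
  * together with $this->size and $this->file.
  *
  * Security notes:
  *  - the archive holds the exports of 'user', 'webuser' and 'profile' among others,
  *    so it must be treated as sensitive. NOTE(review): confirm that NAVIGATE_PRIVATE
  *    is not served by the web server; the file name is predictable (timestamp) and
  *    the folder is created with mode 0755.
  *  - file paths are stored relative to NAVIGATE_PATH. NOTE(review): this assumes that
  *    NAVIGATE_PRIVATE lives under NAVIGATE_PATH and that the working directory is
  *    NAVIGATE_PATH when addFile() runs. TODO confirm.
  *
  * @return void
  * @throws Exception when the archive cannot be created or written
  */
 public function backup()
 {
     global $website;
     global $DB;

     // protection against double process call
     if (!empty($this->status)) {
         core_terminate();
     }

     // prepare temporary folder (best effort: a failure is reported by open() below)
     $backups_dir = NAVIGATE_PRIVATE . '/' . $website->id . '/backups';
     if (!file_exists($backups_dir)) {
         @mkdir($backups_dir, 0755, true);
     }

     $zip = new ZipArchive();
     $backup_filename = '/' . $website->id . '/backups/backup-' . time() . '.zip';

     if ($zip->open(NAVIGATE_PRIVATE . $backup_filename, ZipArchive::CREATE) !== true) {
         // report the path that was actually tried, instead of recomputing it with a new time()
         $error = 'ZipArchive error: ' . NAVIGATE_PRIVATE . $backup_filename;
         $this->status = $error;
         $this->update();
         throw new Exception($error);
     }

     // adds every regular file found under $root to the archive, skipping directory entries
     $add_tree = static function ($root) use ($zip) {
         foreach (rglob("*", GLOB_MARK, $root) as $file) {
             if (!file_exists($file)) {
                 continue;
             }
             $file = substr($file, strlen(NAVIGATE_PATH . '/'));
             // GLOB_MARK appends a slash to directories
             $last_char = substr($file, -1, 1);
             if ($last_char == "\\" || $last_char == "/") {
                 continue;
             }
             $zip->addFile($file);
         }
     };

     $this->status = 'database';
     $this->update();

     // database
     //--> call the exporter (backup) of each object type
     $objects = array('block', 'item', 'comment', 'feed', 'file', 'grid_notes', 'menu', 'path', 'profile', 'property', 'structure', 'template', 'user', 'permission', 'webdictionary', 'webdictionary_history', 'website', 'webuser', 'webuser_group', 'webuser_vote');

     include_once NAVIGATE_PATH . '/lib/packages/blocks/block.class.php';
     include_once NAVIGATE_PATH . '/lib/packages/items/item.class.php';
     include_once NAVIGATE_PATH . '/lib/packages/comments/comment.class.php';
     include_once NAVIGATE_PATH . '/lib/packages/feeds/feed.class.php';
     include_once NAVIGATE_PATH . '/lib/packages/files/file.class.php';
     include_once NAVIGATE_PATH . '/lib/packages/grid_notes/grid_notes.class.php';
     include_once NAVIGATE_PATH . '/lib/packages/menus/menu.class.php';
     include_once NAVIGATE_PATH . '/lib/packages/paths/path.class.php';
     include_once NAVIGATE_PATH . '/lib/packages/profiles/profile.class.php';
     include_once NAVIGATE_PATH . '/lib/packages/properties/property.class.php';
     include_once NAVIGATE_PATH . '/lib/packages/structure/structure.class.php';
     include_once NAVIGATE_PATH . '/lib/packages/templates/template.class.php';
     include_once NAVIGATE_PATH . '/lib/packages/permissions/permission.class.php';
     include_once NAVIGATE_PATH . '/lib/core/user.class.php';
     include_once NAVIGATE_PATH . '/lib/packages/webdictionary/webdictionary.class.php';
     include_once NAVIGATE_PATH . '/lib/packages/webdictionary/webdictionary_history.class.php';
     include_once NAVIGATE_PATH . '/lib/packages/websites/website.class.php';
     include_once NAVIGATE_PATH . '/lib/packages/webusers/webuser.class.php';
     include_once NAVIGATE_PATH . '/lib/packages/webusers/webuser_group.class.php';
     include_once NAVIGATE_PATH . '/lib/packages/webusers/webuser_profile.class.php';
     include_once NAVIGATE_PATH . '/lib/packages/webuser_votes/webuser_vote.class.php';

     foreach ($objects as $object) {
         // the class name comes from the fixed list above
         $json = $object::backup('json');
         $zip->addFromString('database/' . $object . '.json', $json);
     }

     // themes, templates, webgets
     $DB->reconnect();
     $this->status = 'themes';
     $this->update();
     $add_tree(NAVIGATE_PATH . '/themes');
     $add_tree(NAVIGATE_PRIVATE . '/' . $website->id . '/templates');
     $add_tree(NAVIGATE_PRIVATE . '/' . $website->id . '/webgets');

     // extensions
     $DB->reconnect();
     $this->status = 'extensions';
     $this->update();
     $add_tree(NAVIGATE_PATH . '/plugins');

     // files (uploads)
     $DB->reconnect();
     $this->status = 'files';
     $this->update();
     $add_tree(NAVIGATE_PRIVATE . '/' . $website->id . '/files');

     $DB->reconnect();
     $this->status = 'compress';
     $this->update();

     // compress: the archive is only written to disk on close(), so a failure here
     // means there is no usable backup and must not be recorded as 'completed'
     if ($zip->close() !== true) {
         $error = 'ZipArchive error: ' . NAVIGATE_PRIVATE . $backup_filename;
         $DB->reconnect();
         $this->status = $error;
         $this->update();
         throw new Exception($error);
     }

     // to do: upload to naviwebs backup service

     $DB->reconnect();
     $this->status = 'completed';
     $this->size = filesize(NAVIGATE_PRIVATE . $backup_filename);
     $this->file = $backup_filename;
     $this->update();

     unset($zip);
 }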
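/**
 * Backend controller for the "web users" section.
 *
 * Dispatches on $_REQUEST['act']: JSON grid operations echo their response and
 * end the request, the remaining actions return whatever the matching
 * webusers_* / webuser_groups_* renderer produced.
 *
 * NOTE(review): no permission check and no anti-CSRF token check is visible in
 * this function, and every destructive action is read from $_REQUEST (so a GET
 * request is accepted). Confirm that the caller enforces both before this runs.
 *
 * @return mixed output of the selected renderer, or '' when the action produced none
 */
function run()
{
    global $user;
    global $layout;
    global $DB;
    global $website;
    $out = '';
    $item = new webuser();
    switch ($_REQUEST['act']) {
        // json data retrieval & operations
        case 'json':
        case 1:
            switch ($_REQUEST['oper']) {
                case 'del':
                    // remove rows; every id is cast to int, as the single-item
                    // actions below already do, before it reaches load()
                    $ids = isset($_REQUEST['ids']) && is_array($_REQUEST['ids']) ? $_REQUEST['ids'] : array();
                    foreach ($ids as $id) {
                        if (!is_scalar($id)) {
                            // intval() of a nested array would silently yield 1
                            continue;
                        }
                        $item->load(intval($id));
                        $item->delete();
                    }
                    echo json_encode(true);
                    break;
                default:
                    // list or search
                    $page = intval($_REQUEST['page']);
                    $max = intval($_REQUEST['rows']);
                    // page 0 (or a missing page) must not produce a negative OFFSET
                    $offset = max(0, ($page - 1) * $max);
                    // An ORDER BY fragment cannot be bound as a query parameter, so
                    // the requested column and direction are matched against fixed
                    // lists instead of being concatenated as received.
                    $sortable = array('id', 'avatar', 'username', 'email', 'fullname', 'groups', 'joindate', 'access', 'access_begin', 'access_end');
                    $sidx = isset($_REQUEST['sidx']) && is_string($_REQUEST['sidx']) ? $_REQUEST['sidx'] : '';
                    if (!in_array($sidx, $sortable, true)) {
                        $sidx = 'id';
                    }
                    $sord = isset($_REQUEST['sord']) && is_string($_REQUEST['sord']) ? strtolower($_REQUEST['sord']) : '';
                    if ($sord !== 'asc' && $sord !== 'desc') {
                        $sord = 'asc';
                    }
                    $orderby = $sidx . ' ' . $sord;
                    $where = ' website = ' . $website->id;
                    // NOTE(review): quicksearch(), jqgridsearch() and jqgridcompare()
                    // return SQL fragments built from request values; this function
                    // appends them unchanged, so their escaping must be verified there.
                    if ($_REQUEST['_search'] == 'true' || isset($_REQUEST['quicksearch'])) {
                        if (isset($_REQUEST['quicksearch'])) {
                            $where .= $item->quicksearch($_REQUEST['quicksearch']);
                        } else {
                            if (isset($_REQUEST['filters'])) {
                                $filters = $_REQUEST['filters'];
                                if (is_array($filters)) {
                                    $filters = json_encode($filters);
                                }
                                $where .= navitable::jqgridsearch($filters);
                            } else {
                                // single search
                                $where .= ' AND ' . navitable::jqgridcompare($_REQUEST['searchField'], $_REQUEST['searchOper'], $_REQUEST['searchString']);
                            }
                        }
                    }
                    $DB->queryLimit('id,avatar,username,email,fullname,groups,joindate,access,access_begin,access_end', 'nv_webusers', $where, $orderby, $offset, $max);
                    $dataset = $DB->result();
                    $total = $DB->foundRows();
                    $dataset = grid_notes::summary($dataset, 'webuser', 'id');
                    // kept as a global because the closure below reads it through "global"
                    global $webusers_groups_all;
                    $webusers_groups_all = webuser_group::all_in_array();
                    $out = array();
                    for ($i = 0; $i < count($dataset); $i++) {
                        // "g1,g2" => group ids => group names
                        $wug = str_replace('g', '', $dataset[$i]['groups']);
                        $wug = explode(',', $wug);
                        $wug = array_map(function ($in) {
                            global $webusers_groups_all;
                            if (empty($in)) {
                                return;
                            }
                            return $webusers_groups_all[$in];
                        }, $wug);
                        // not blocked when access is 0, or when access is 2 and the
                        // current time is inside the (optional) begin/end window
                        $blocked = 1;
                        if ($dataset[$i]['access'] == 0 || ($dataset[$i]['access'] == 2 && ($dataset[$i]['access_begin'] == 0 || $dataset[$i]['access_begin'] < time()) && ($dataset[$i]['access_end'] == 0 || $dataset[$i]['access_end'] > time()))) {
                            $blocked = 0;
                        }
                        // Account fields are stored strings (presumably entered by
                        // website visitors; confirm) and are placed inside markup, so
                        // they are HTML-escaped before they reach the grid.
                        $username = htmlspecialchars((string) $dataset[$i]['username'], ENT_QUOTES, 'UTF-8');
                        $email = htmlspecialchars((string) $dataset[$i]['email'], ENT_QUOTES, 'UTF-8');
                        $fullname = htmlspecialchars((string) $dataset[$i]['fullname'], ENT_QUOTES, 'UTF-8');
                        $avatar = '';
                        if (!empty($dataset[$i]['avatar'])) {
                            $avatar = '<img title="' . $username . '" src="' . NAVIGATE_DOWNLOAD . '?wid=' . $website->id . '&id=' . urlencode($dataset[$i]['avatar']) . '&amp;disposition=inline&amp;width=32&amp;height=32" />';
                        }
                        $out[$i] = array(
                            0 => $dataset[$i]['id'],
                            1 => $avatar,
                            2 => '<div class="list-row" data-blocked="' . $blocked . '" title="' . $email . '">' . $username . '</div>',
                            3 => $fullname,
                            4 => implode("<br />", $wug),
                            5 => core_ts2date($dataset[$i]['joindate'], true),
                            6 => $blocked == 0 ? '<img src="img/icons/silk/accept.png" />' : '<img src="img/icons/silk/cancel.png" />',
                            7 => $dataset[$i]['_grid_notes_html'],
                        );
                    }
                    navitable::jqgridJson($out, $page, $offset, $max, $total);
                    break;
            }
            session_write_close();
            exit;
            break;
        case 2:
        // edit/new form
        case 'create':
        case 'edit':
            if (!empty($_REQUEST['id'])) {
                $item->load(intval($_REQUEST['id']));
            }
            if (isset($_REQUEST['form-sent'])) {
                $item->load_from_post();
                try {
                    $item->save();
                    property::save_properties_from_post('webuser', $item->id);
                    $layout->navigate_notification(t(53, "Data saved successfully."), false, false, 'fa fa-check');
                } catch (Exception $e) {
                    $layout->navigate_notification($e->getMessage(), true, true);
                }
                if (!empty($item->id)) {
                    // NOTE(review): the whole request is serialized into the log
                    // entry; if the form posts a password or token field it ends
                    // up in the log. Confirm and redact before logging.
                    users_log::action($_REQUEST['fid'], $item->id, 'save', $item->username, json_encode($_REQUEST));
                }
            } else {
                if (!empty($item->id)) {
                    users_log::action($_REQUEST['fid'], $item->id, 'load', $item->username);
                }
            }
            $out = webusers_form($item);
            break;
        case 4:
        // remove
        case 'remove':
            if (!empty($_REQUEST['id'])) {
                $item->load(intval($_REQUEST['id']));
                if ($item->delete() > 0) {
                    $layout->navigate_notification(t(55, 'Item removed successfully.'), false);
                    $out = webusers_list();
                    users_log::action($_REQUEST['fid'], $item->id, 'remove', $item->username, json_encode($_REQUEST));
                } else {
                    $layout->navigate_notification(t(56, 'Unexpected error.'), false);
                    $out = webusers_form($item);
                }
            }
            break;
        case 90:
            // json request: timezones by country (falls back to the full list)
            $timezones = property::timezones($_REQUEST['country']);
            if (empty($timezones)) {
                $timezones = property::timezones();
            }
            echo json_encode($timezones);
            core_terminate();
            break;
        case 'export':
            // export web users list to a CSV file; the export itself is logged
            users_log::action($_REQUEST['fid'], 0, 'export', "all", json_encode($_REQUEST));
            webuser::export();
            break;
        case 'webuser_groups_list':
            $out = webuser_groups_list();
            break;
        case 'webuser_groups_json':
            $page = intval($_REQUEST['page']);
            $max = intval($_REQUEST['rows']);
            $offset = max(0, ($page - 1) * $max);
            // webuser_group::all() receives the sort column and direction; how it
            // uses them is not visible here, so only the columns this grid shows
            // and the two valid directions are passed on.
            $groupSidx = isset($_REQUEST['sidx']) && is_string($_REQUEST['sidx']) ? $_REQUEST['sidx'] : '';
            if (!in_array($groupSidx, array('id', 'code', 'name'), true)) {
                $groupSidx = 'id';
            }
            $groupSord = isset($_REQUEST['sord']) && is_string($_REQUEST['sord']) ? strtolower($_REQUEST['sord']) : '';
            if ($groupSord !== 'asc' && $groupSord !== 'desc') {
                $groupSord = 'asc';
            }
            $rs = webuser_group::all($groupSidx, $groupSord);
            $dataset = array();
            foreach ($rs as $row) {
                $dataset[] = array('id' => $row->id, 'code' => $row->code, 'name' => $row->name);
            }
            $total = count($dataset);
            navitable::jqgridJson($dataset, $page, $offset, $max, $total, 'id');
            session_write_close();
            exit;
            break;
        case 'webuser_group_edit':
            $webuser_group = new webuser_group();
            if (!empty($_REQUEST['id'])) {
                $webuser_group->load(intval($_REQUEST['id']));
            }
            if (isset($_REQUEST['form-sent'])) {
                $webuser_group->load_from_post();
                try {
                    $webuser_group->save();
                    $layout->navigate_notification(t(53, "Data saved successfully."), false, false, 'fa fa-check');
                    users_log::action($_REQUEST['fid'], $webuser_group->id, 'save_webuser_group', $webuser_group->name, json_encode($_REQUEST));
                } catch (Exception $e) {
                    $layout->navigate_notification($e->getMessage(), true, true);
                }
            } else {
                users_log::action($_REQUEST['fid'], $webuser_group->id, 'load_webuser_group', $webuser_group->name, json_encode($_REQUEST));
            }
            $out = webuser_groups_form($webuser_group);
            break;
        case 'webuser_group_delete':
            $webuser_group = new webuser_group();
            if (!empty($_REQUEST['id'])) {
                $webuser_group->load(intval($_REQUEST['id']));
            }
            try {
                $webuser_group->delete();
                $layout->navigate_notification(t(55, 'Item removed successfully.'), false);
                $out = webuser_groups_list();
                users_log::action($_REQUEST['fid'], $webuser_group->id, 'remove_webuser_group', $webuser_group->name, json_encode($_REQUEST));
            } catch (Exception $e) {
                $out = $layout->navigate_message("error", t(24, 'Web users') . ' / ' . t(506, 'Groups'), t(56, 'Unexpected error.'));
            }
            break;
        case 0:
        // list / search result
        case 'list':
        default:
            $out = webusers_list();
            break;
    }
    return $out;
}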
Beispiel #8
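/**
 * Backend controller for the "structure" (category tree) section.
 *
 * Dispatches on $_REQUEST['act']: JSON/AJAX actions echo their response and call
 * core_terminate(), the remaining actions return the output of structure_form()
 * or structure_tree().
 *
 * NOTE(review): no permission check and no anti-CSRF token check is visible in
 * this function, and state-changing actions (remove, reorder, homepager,
 * votes_reset) are read from $_REQUEST. Confirm that the caller enforces both.
 *
 * @return mixed output of the selected renderer, or '' when the action produced none
 */
function run()
{
    global $user;
    global $layout;
    global $DB;
    global $website;
    global $theme;
    $out = '';
    $item = new structure();
    switch ($_REQUEST['act']) {
        case 'load':
        case 'edit':
        case 2:
            // edit/new form
            if (!empty($_REQUEST['id'])) {
                $item->load(intval($_REQUEST['id']));
            }
            if (isset($_REQUEST['form-sent'])) {
                $item->load_from_post();
                try {
                    $item->save();
                    property::save_properties_from_post('structure', $item->id);
                    $item = $item->reload();
                    // reorder associated category elements
                    if (!empty($_POST['elements-order'])) {
                        $response = item::reorder($_POST['elements-order']);
                        if ($response !== true) {
                            throw new Exception($response);
                        }
                    }
                    $layout->navigate_notification(t(53, "Data saved successfully."), false, false, 'fa fa-check');
                } catch (Exception $e) {
                    $layout->navigate_notification($e->getMessage(), true, true);
                }
                if (!empty($item->id)) {
                    // NOTE(review): the whole request is serialized into the log entry;
                    // confirm it never carries secrets that should be redacted first.
                    users_log::action($_REQUEST['fid'], $item->id, 'save', $item->dictionary[$website->languages_list[0]]['title'], json_encode($_REQUEST));
                }
            } else {
                if (!empty($item->id)) {
                    users_log::action($_REQUEST['fid'], $item->id, 'load', $item->dictionary[$website->languages_list[0]]['title']);
                }
            }
            $out = structure_form($item);
            break;
        case 3:
        case "reorder":
            // NOTE(review): both arguments are passed as received; validation is
            // left to structure::reorder(). Verify there.
            $ok = structure::reorder($_REQUEST['parent'], $_REQUEST['children_order']);
            echo json_encode($ok);
            core_terminate();
            break;
        case "homepager":
            // NOTE(review): the node value is stored as the website homepage
            // without any check in this function. Confirm save() validates it.
            $node = $_REQUEST['node'];
            $website->homepage = $node;
            $ok = $website->save();
            echo json_encode($ok);
            core_terminate();
            break;
        case 4:
        case "remove":
            if (!empty($_REQUEST['id'])) {
                $item->load(intval($_REQUEST['id']));
                if ($item->delete() > 0) {
                    $layout->navigate_notification(t(55, 'Item removed successfully.'), false);
                    $structure = structure::hierarchy(-1);
                    // root level (0) including Web node (-1)
                    $out = structure_tree($structure);
                    users_log::action($_REQUEST['fid'], $item->id, 'remove');
                } else {
                    $layout->navigate_notification(t(56, 'Unexpected error.'), false);
                    $out = structure_form($item);
                }
            }
            break;
        case 95:
            // free path checking: which object (if any) already owns this path
            $path = $_REQUEST['path'];
            $DB->query('SELECT type, object_id, lang
	 					  FROM nv_paths
						 WHERE path = ' . protect($path) . '
						   AND website = ' . $website->id);
            $rs = $DB->result();
            echo json_encode($rs);
            core_terminate();
            break;
        case "category_path":
            // return category paths
            echo json_encode(path::loadElementPaths('structure', intval($_REQUEST['id'])));
            core_terminate();
            break;
        case 'json_find_item':
            // find items by its title
            // the items must have its own path (free OR not embedded to a category)
            // request strings go through protect(); limit and offset are cast to int
            $DB->query('
				SELECT SQL_CALC_FOUND_ROWS nvw.node_id as id, nvw.text as text
				  FROM nv_webdictionary nvw, nv_items nvi
				 WHERE nvw.node_type = "item"
				   AND nvw.node_id = nvi.id
				   AND nvw.subtype = "title"
				   AND (	nvi.association = "free" OR
				            (nvi.association = "category" AND nvi.embedding=0)
				   )
				   AND nvw.lang = ' . protect($_REQUEST['lang']) . '
				   AND nvw.website = ' . $website->id . '
				   AND nvw.website = nvi.website
				   AND nvw.text LIKE ' . protect('%' . $_REQUEST['title'] . '%') . '
		      ORDER BY nvw.text ASC
			     LIMIT ' . intval($_REQUEST['page_limit']) . '
			     OFFSET ' . max(0, intval($_REQUEST['page_limit']) * (intval($_REQUEST['page']) - 1)), 'array');
            $rows = $DB->result();
            $total = $DB->foundRows();
            echo json_encode(array('items' => $rows, 'totalCount' => $total));
            core_terminate();
            break;
        case "search_by_title":
            // json search title request (for "copy from" properties dialog)
            $DB->query('
				SELECT node_id as id, text as label, text as value
					  FROM nv_webdictionary
					 WHERE node_type = "structure"
					   AND subtype = "title"
					   AND lang = ' . protect($_REQUEST['lang']) . '
					   AND website = ' . $website->id . '
					   AND text LIKE ' . protect('%' . $_REQUEST['title'] . '%') . '
			      ORDER BY text ASC
				     LIMIT 30', 'array');
            echo json_encode($DB->result());
            core_terminate();
            break;
        case "copy_from_template_zones":
            // return template properties for a structure id
            $item = new structure();
            $item->load(intval($_REQUEST['id']));
            $template = new template();
            $template->load($item->template);
            $zones = array();
            for ($ps = 0; $ps < count($template->properties); $ps++) {
                // ignore non structure properties
                if (!isset($template->properties[$ps]->element) || $template->properties[$ps]->element != 'structure') {
                    continue;
                }
                // ignore non-textual properties
                if (!in_array($template->properties[$ps]->type, array("text", "textarea", "rich_textarea"))) {
                    continue;
                }
                $title = $template->properties[$ps]->name;
                if (!empty($theme)) {
                    $title = $theme->t($title);
                }
                $zones[] = array('type' => 'property', 'code' => $template->properties[$ps]->id, 'title' => $title);
            }
            echo json_encode($zones);
            core_terminate();
            break;
        case "raw_zone_content":
            // return raw item contents
            // NOTE(review): the stored text is echoed without escaping (raw by
            // design, per the comment above); the consumer must treat it as markup.
            if ($_REQUEST['zone'] == 'property') {
                $DB->query('SELECT text
							  FROM nv_webdictionary
							 WHERE node_type = "property-structure"
							   AND subtype = ' . protect('property-' . $_REQUEST['section'] . '-' . $_REQUEST['lang']) . '
							   AND lang = ' . protect($_REQUEST['lang']) . '
							   AND website = ' . $website->id . '
							   AND node_id = ' . protect($_REQUEST['node_id']), 'array');
                $data = $DB->first();
                // no matching row: print nothing instead of indexing a non-array
                echo isset($data['text']) ? $data['text'] : '';
            }
            core_terminate();
            break;
        case 'votes_reset':
            webuser_vote::remove_object_votes('structure', intval($_REQUEST['id']));
            echo 'true';
            core_terminate();
            break;
        case 'votes_by_webuser':
            if ($_POST['oper'] == 'del') {
                $ids = explode(',', $_POST['id']);
                // last vote that was actually loaded; stays null when no id is valid
                $vote = null;
                for ($i = 0; $i < count($ids); $i++) {
                    // cast first: a string such as "1 ..." also compares as > 0
                    $voteId = intval($ids[$i]);
                    if ($voteId > 0) {
                        $vote = new webuser_vote();
                        $vote->load($voteId);
                        $vote->delete();
                    }
                }
                if ($vote !== null) {
                    webuser_vote::update_object_score('structure', $vote->object_id);
                }
                echo 'true';
                core_terminate();
            }
            $max = intval($_GET['rows']);
            $page = intval($_GET['page']);
            // page 0 (or a missing page) must not produce a negative offset
            $offset = max(0, ($page - 1) * $max);
            // defaults for the case where no listing is loaded below
            $dataset = array();
            $total = 0;
            if ($_REQUEST['_search'] == 'false') {
                // The order expression is handed to object_votes_by_webuser(); how
                // it is used is not visible here, so only the columns this grid
                // shows and the two valid directions are passed on.
                $sidx = isset($_REQUEST['sidx']) && is_string($_REQUEST['sidx']) ? $_REQUEST['sidx'] : '';
                if (!in_array($sidx, array('id', 'date', 'username'), true)) {
                    $sidx = 'id';
                }
                $sord = isset($_REQUEST['sord']) && is_string($_REQUEST['sord']) ? strtolower($_REQUEST['sord']) : '';
                if ($sord !== 'asc' && $sord !== 'desc') {
                    $sord = 'asc';
                }
                list($dataset, $total) = webuser_vote::object_votes_by_webuser('structure', intval($_REQUEST['id']), $sidx . ' ' . $sord, $offset, $max);
            }
            $out = array();
            for ($i = 0; $i < count($dataset); $i++) {
                if (empty($dataset[$i])) {
                    continue;
                }
                $out[$i] = array(0 => $dataset[$i]['id'], 1 => core_ts2date($dataset[$i]['date'], true), 2 => $dataset[$i]['username']);
            }
            navitable::jqgridJson($out, $page, $offset, $max, $total);
            core_terminate();
            break;
        case 0:
        // tree / search result
        default:
            $structure = structure::hierarchy(-1);
            // root level (0) including Web node (-1)
            $out = structure_tree($structure);
            break;
    }
    return $out;
}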
Beispiel #9
function run()
{
    global $layout;
    global $DB;
    global $website;
    global $theme;
    global $user;
    $out = '';
    $item = new item();
    switch ($_REQUEST['act']) {
        case 'json':
        case 1:
            // json data retrieval & operations
            switch ($_REQUEST['oper']) {
                case 'del':
                    // remove rows
                    $ids = $_REQUEST['ids'];
                    foreach ($ids as $id) {
                        $item->load($id);
                        $item->delete();
                    }
                    echo json_encode(true);
                    break;
                default:
                    // list or search
                    // translation of request search & order fields
                    switch ($_REQUEST['searchField']) {
                        case 'id':
                            $_REQUEST['searchField'] = 'i.id';
                            break;
                        case 'title':
                            $_REQUEST['searchField'] = 'd.text';
                            break;
                        case 'language':
                            $_REQUEST['searchField'] = 'd.lang';
                            break;
                        case 'category':
                            $_REQUEST['searchField'] = 'i.category';
                            break;
                        case 'dates':
                            $_REQUEST['searchField'] = 'i.date_published';
                            break;
                        case 'permission':
                            $_REQUEST['searchField'] = 'i.permission';
                            break;
                        default:
                    }
                    if ($_REQUEST['sidx'] == 'dates') {
                        $_REQUEST['sidx'] = 'i.date_published';
                    }
                    $page = intval($_REQUEST['page']);
                    $max = intval($_REQUEST['rows']);
                    $offset = ($page - 1) * $max;
                    $orderby = $_REQUEST['sidx'] . ' ' . $_REQUEST['sord'];
                    $where = ' i.website = ' . $website->id;
                    if ($_REQUEST['_search'] == 'true' || isset($_REQUEST['quicksearch'])) {
                        if (isset($_REQUEST['quicksearch'])) {
                            $where .= $item->quicksearch($_REQUEST['quicksearch']);
                        } else {
                            if (isset($_REQUEST['filters'])) {
                                if (is_array($_REQUEST['filters'])) {
                                    $filters = json_decode(json_encode($_REQUEST['filters']), FALSE);
                                } else {
                                    $filters = json_decode($_REQUEST['filters']);
                                }
                                for ($r = 0; $r < count($filters->rules); $r++) {
                                    switch ($filters->rules[$r]->field) {
                                        case 'id':
                                            $filters->rules[$r]->field = 'i.id';
                                            break;
                                        case 'title':
                                            $filters->rules[$r]->field = 'd.text';
                                            break;
                                        case 'language':
                                            $filters->rules[$r]->field = 'd.lang';
                                            break;
                                        case 'category':
                                            $filters->rules[$r]->field = 'i.category';
                                            break;
                                        case 'dates':
                                            $filters->rules[$r]->field = 'i.date_published';
                                            break;
                                        case 'permission':
                                            $filters->rules[$r]->field = 'i.permission';
                                            break;
                                        default:
                                    }
                                }
                                $where .= navitable::jqgridsearch(json_encode($filters));
                            } else {
                                // single search
                                $where .= ' AND ' . navitable::jqgridcompare($_REQUEST['searchField'], $_REQUEST['searchOper'], $_REQUEST['searchString']);
                            }
                        }
                    }
                    $sql = ' SELECT SQL_CALC_FOUND_ROWS
					                i.*, d.text as title, d.lang as language,
                                    u.username as author_username,
                                    (   SELECT COUNT(*)
                                        FROM nv_comments cm
                                        WHERE cm.item = i.id
                                          AND cm.website = ' . $website->id . '
                                    ) as comments
							   FROM nv_items i
						  LEFT JOIN nv_webdictionary d
						  		 	 ON i.id = d.node_id
								 	AND d.node_type = "item"
									AND d.subtype = "title"
									AND d.lang = "' . $website->languages_list[0] . '"
									AND d.website = ' . $website->id . '
						  LEFT JOIN nv_users u
						  			 ON u.id = i.author
							  WHERE ' . $where . '	
						   GROUP BY i.id, d.text, d.lang, u.username						   
						   ORDER BY ' . $orderby . ' 
							  LIMIT ' . $max . '
							 OFFSET ' . $offset;
                    if (!$DB->query($sql, 'array')) {
                        throw new Exception($DB->get_last_error());
                    }
                    $dataset = $DB->result();
                    $total = $DB->foundRows();
                    $dataset = grid_notes::summary($dataset, 'item', 'id');
                    $access = array(0 => '<img src="img/icons/silk/page_white_go.png" align="absmiddle" title="' . t(254, 'Everybody') . '" />', 1 => '<img src="img/icons/silk/lock.png" align="absmiddle" title="' . t(361, 'Web users only') . '" />', 2 => '<img src="img/icons/silk/user_gray.png" align="absmiddle" title="' . t(363, 'Users who have not yet signed up or signed in') . '" />', 3 => '<img src="img/icons/silk/group_key.png" align="absmiddle" title="' . t(512, "Selected web user groups") . '" />');
                    $permissions = array(0 => '<img src="img/icons/silk/world.png" align="absmiddle" /> ' . t(69, 'Published'), 1 => '<img src="img/icons/silk/world_dawn.png" align="absmiddle" /> ' . t(70, 'Private'), 2 => '<img src="img/icons/silk/world_night.png" align="absmiddle" /> ' . t(81, 'Hidden'));
                    $hierarchy = structure::hierarchy(0);
                    // we need to format the values and retrieve the needed strings from the dictionary
                    $out = array();
                    for ($i = 0; $i < count($dataset); $i++) {
                        if (empty($dataset[$i])) {
                            continue;
                        }
                        if (empty($dataset[$i]['date_published'])) {
                            $dataset[$i]['date_published'] = '&infin;';
                        } else {
                            $dataset[$i]['date_published'] = core_ts2date($dataset[$i]['date_published'], false);
                        }
                        if (empty($dataset[$i]['date_unpublish'])) {
                            $dataset[$i]['date_unpublish'] = '&infin;';
                        } else {
                            $dataset[$i]['date_unpublish'] = core_ts2date($dataset[$i]['date_unpublish'], false);
                        }
                        if (empty($dataset[$i]['date_to_display'])) {
                            $dataset[$i]['date_to_display'] = '';
                        } else {
                            $dataset[$i]['date_to_display'] = core_ts2date($dataset[$i]['date_to_display'], false);
                        }
                        if ($dataset[$i]['category'] > 0) {
                            $category_path = structure::hierarchyPath($hierarchy, $dataset[$i]['category']);
                            if (is_array($category_path)) {
                                $dataset[$i]['category_path'] = implode(' › ', $category_path);
                            } else {
                                $dataset[$i]['category_path'] = $category_path;
                            }
                        }
                        $category_text = '';
                        if ($dataset[$i]['association'] == 'free') {
                            $category_text = '[ ' . strtolower(t(100, 'Free')) . ' ]';
                        } else {
                            $category_text = $dataset[$i]['category_path'];
                        }
                        $item_views = $dataset[$i]['views'];
                        if ($item_views > 1000) {
                            $item_views = round($item_views / 1000) . "K";
                        }
                        $item_comments = $dataset[$i]['comments'];
                        if ($item_comments > 1000) {
                            $item_comments = round($item_comments / 1000) . "K";
                        }
                        //$social_rating = '<img src="img/icons/silk/star.png" align="absmiddle" width="12px" height="12px" /> '.
                        //    '<span style="font-size: 90%;">'.$dataset[$i]['score'].' ('.$dataset[$i]['votes'].')</span>';
                        //$social_rating = '<i class="fa fa-fw fa-eye" /> <span style="font-size: 90%;">'.$dataset[$i]['views'].'</span>';
                        $social_rating = '<img src="img/icons/silk/eye.png" align="absmiddle" width="12px" height="12px" /> ' . '<span style="font-size: 90%;">' . $item_views . '</span>';
                        //$social_comments = '<i class="fa fa-fw fa-comments-o" /> <span style="font-size: 90%;">'.$dataset[$i]['comments'].'</span>';
                        $social_comments = '<img src="img/icons/silk/comments.png" align="absmiddle" width="12px" height="12px" /> ' . '<span style="font-size: 90%;">' . $item_comments . '</span>';
                        if (empty($dataset[$i]['title'])) {
                            // if title is empty for the default language,
                            // try to load the title in another language
                            $DB->query('
                                SELECT lang, text
                                  FROM nv_webdictionary
                                 WHERE website = ' . $website->id . ' AND
                                        node_type = "item" AND
                                        subtype="title" AND
                                        node_id = ' . $dataset[$i]['id'] . ' AND
                                        text != ""
                                ORDER BY id ASC');
                            $titles = $DB->result();
                            if (!empty($titles)) {
                                $dataset[$i]['title'] = '<img src="img/icons/silk/comment.png" align="absmiddle" />';
                                $dataset[$i]['title'] .= '<small>' . $titles[0]->lang . '</small>&nbsp;&nbsp;';
                                $dataset[$i]['title'] .= $titles[0]->text;
                            }
                        }
                        $out[$i] = array(0 => $dataset[$i]['id'], 1 => '<div class="list-row" data-permission="' . $dataset[$i]['permission'] . '">' . $dataset[$i]['title'] . '</div>', 2 => $social_rating . '&nbsp;&nbsp;' . $social_comments, 3 => $category_text, 4 => $dataset[$i]['date_to_display'], 5 => $dataset[$i]['date_published'] . ' - ' . $dataset[$i]['date_unpublish'], 6 => $access[$dataset[$i]['access']] . ' ' . $permissions[$dataset[$i]['permission']], 7 => $dataset[$i]['_grid_notes_html']);
                    }
                    navitable::jqgridJson($out, $page, $offset, $max, $total);
                    break;
            }
            core_terminate();
            break;
        case 'load':
        case 'create':
        case 'edit':
        case 2:
            // edit/new form
            if (!empty($_REQUEST['id'])) {
                $item->load(intval($_REQUEST['id']));
                if ($user->permission("items.edit") == "false" && $item->author != $user->id) {
                    $layout->navigate_notification(t(610, "Sorry, you are not allowed to execute the requested function"), true);
                    $_REQUEST['act'] = 'list';
                    return run();
                }
                // check if the current user can edit this item
                if ($item->association == 'category' && !empty($item->category)) {
                    if (!structure::category_allowed($item->category)) {
                        $layout->navigate_notification(t(610, "Sorry, you are not allowed to execute the requested function"), true);
                        $_REQUEST['act'] = 'list';
                        return run();
                    }
                }
            }
            if (isset($_REQUEST['form-sent'])) {
                $item->load_from_post();
                try {
                    $item->save();
                    property::save_properties_from_post('item', $item->id);
                    if (!empty($_REQUEST['items-order'])) {
                        item::reorder($_REQUEST['items-order']);
                    }
                    $layout->navigate_notification(t(53, "Data saved successfully."), false, false, 'fa fa-check');
                    $item->load($item->id);
                    users_log::action($_REQUEST['fid'], $item->id, 'save', $item->dictionary[$website->languages_list[0]]['title'], json_encode($_REQUEST));
                } catch (Exception $e) {
                    $layout->navigate_notification($e->getMessage(), true, true);
                }
            } else {
                users_log::action($_REQUEST['fid'], $item->id, 'load', $item->dictionary[$website->languages_list[0]]['title']);
            }
            $out = items_form($item);
            break;
        case 'delete':
        case 4:
            // remove
            if (!empty($_REQUEST['id'])) {
                $item->load(intval($_REQUEST['id']));
                try {
                    if (!empty($item->id)) {
                        $deleted = $item->delete() > 0;
                        if ($deleted) {
                            $layout->navigate_notification(t(55, 'Item removed successfully.'), false);
                            $out = items_list();
                            users_log::action($_REQUEST['fid'], $item->id, 'remove', $item->dictionary[$website->languages_list[0]]['title'], json_encode($_REQUEST));
                        }
                    }
                    if (!$deleted) {
                        $layout->navigate_notification(t(56, 'Unexpected error.'), false);
                        if (!empty($item->id)) {
                            $out = items_form($item);
                        } else {
                            $out = items_list();
                        }
                    }
                } catch (Exception $e) {
                    $layout->navigate_notification($e->getMessage(), true);
                    if (!empty($item->id)) {
                        $out = items_form($item);
                    }
                }
            }
            break;
        case 'duplicate':
            if (!empty($_REQUEST['id'])) {
                $item->load(intval($_REQUEST['id']));
                if ($item->association == 'category' && $item->embedding == 1) {
                    // get structure template
                    $category = new structure();
                    $category->load($item->category);
                    $properties = property::load_properties_associative('structure', $category->template, 'item', $item->id);
                } else {
                    $properties = property::load_properties_associative('item', $item->template, 'item', $item->id);
                }
                // try to duplicate
                $item->id = 0;
                $ok = $item->insert();
                if ($ok) {
                    // duplicate item properties too (but don't duplicate comments)
                    if ($item->association == 'category' && $item->embedding == 1) {
                        $ok = property::save_properties_from_array('item', $item->id, $category->template, $properties);
                    } else {
                        $ok = property::save_properties_from_array('item', $item->id, $item->template, $properties);
                    }
                }
                if ($ok) {
                    $layout->navigate_notification(t(478, 'Item duplicated successfully.'), false, false, 'fa fa-check');
                    $out = items_form($item);
                } else {
                    $layout->navigate_notification(t(56, 'Unexpected error.'), false);
                    $item = new item();
                    $item->load(intval($_REQUEST['id']));
                    $out = items_form($item);
                }
                users_log::action($_REQUEST['fid'], $item->id, 'duplicate', $item->dictionary[$website->languages_list[0]]['title'], json_encode($_REQUEST));
            }
            break;
        case 89:
            if (!empty($_REQUEST['id'])) {
                $DB->execute('DELETE FROM nv_webdictionary_history WHERE id = ' . intval($_REQUEST['id']) . ' LIMIT 1');
                echo 'true';
            } else {
                echo 'false';
            }
            core_terminate();
            break;
        case 90:
            $DB->query('SELECT id, date_created, autosave
						  FROM nv_webdictionary_history
						 WHERE node_type = "item"
						   AND subtype = ' . protect('section-' . $_REQUEST['section']) . '
						   AND lang = ' . protect($_GET['lang']) . '
						   AND node_id = ' . protect($_REQUEST['id']) . '
						   AND website = ' . $website->id . ' 
				      ORDER BY date_created DESC', 'array');
            $result = $DB->result();
            if (!is_array($result)) {
                $result = array();
            }
            for ($i = 0; $i < count($result); $i++) {
                $result[$i]['date'] = core_ts2date($result[$i]['date_created'], true);
                if ($result[$i]['autosave'] == 1) {
                    $result[$i]['date'] .= ' (' . t(273, 'Autosave') . ')';
                }
            }
            echo json_encode($result);
            core_terminate();
            break;
        case "search_by_title":
        case 91:
            // json search title request (for "copy from" dialog)
            $DB->query('
				SELECT node_id as id, text as label, text as value
				  FROM nv_webdictionary
				 WHERE node_type = "item"
				   AND subtype = "title"
				   AND lang = ' . protect($_REQUEST['lang']) . '
				   AND website = ' . $website->id . '
				   AND text LIKE ' . protect('%' . $_REQUEST['title'] . '%') . '
		      ORDER BY text ASC
			     LIMIT 20', 'array');
            echo json_encode($DB->result());
            core_terminate();
            break;
        case "raw_zone_content":
            // return raw item contents
            if (empty($_REQUEST['section'])) {
                $_REQUEST['section'] = 'main';
            }
            if ($_REQUEST['history'] == 'true') {
                $DB->query('SELECT text
							  FROM nv_webdictionary_history
							 WHERE node_type = "item"
							   AND website = ' . $website->id . ' 
							   AND id = ' . protect($_REQUEST['id']), 'array');
                $data = $DB->first();
                echo $data['text'];
            } else {
                if ($_REQUEST['zone'] == 'section') {
                    $DB->query('SELECT text
							  FROM nv_webdictionary
							 WHERE node_type = "item"
							   AND subtype = ' . protect('section-' . $_REQUEST['section']) . '
							   AND lang = ' . protect($_REQUEST['lang']) . '
							   AND website = ' . $website->id . ' 
							   AND node_id = ' . protect($_REQUEST['node_id']), 'array');
                    $data = $DB->first();
                    echo $data['text'];
                } else {
                    if ($_REQUEST['zone'] == 'property') {
                        $DB->query('SELECT text
							  FROM nv_webdictionary
							 WHERE node_type = "property-item"
							   AND subtype = ' . protect('property-' . $_REQUEST['section'] . '-' . $_REQUEST['lang']) . '
							   AND lang = ' . protect($_REQUEST['lang']) . '
							   AND website = ' . $website->id . '
							   AND node_id = ' . protect($_REQUEST['node_id']), 'array');
                        $data = $DB->first();
                        echo $data['text'];
                    }
                }
            }
            core_terminate();
            break;
            // return raw template content
        // return raw template content
        case 93:
            $DB->query('SELECT file
						  FROM nv_templates
						 WHERE enabled = 1
						   AND id = ' . protect($_REQUEST['id']) . '
						   AND website = ' . $website->id, 'array');
            $data = $DB->first();
            echo @file_get_contents(NAVIGATE_PRIVATE . '/' . $website->id . '/templates/' . $data['file']);
            core_terminate();
            break;
        case "copy_from_template_zones":
            // return template sections and (textarea) properties for a content id
            $item = new item();
            $item->load(intval($_REQUEST['id']));
            $template = $item->load_template();
            $zones = array();
            for ($ts = 0; $ts < count($template->sections); $ts++) {
                $title = $template->sections[$ts]['name'];
                if (!empty($theme)) {
                    $title = $theme->t($title);
                }
                if ($title == '#main#') {
                    $title = t(238, 'Main content');
                }
                $zones[] = array('type' => 'section', 'id' => $template->sections[$ts]['id'], 'title' => $title);
            }
            for ($ps = 0; $ps < count($template->properties); $ps++) {
                // ignore structure properties
                if (isset($template->properties[$ps]->element) && $template->properties[$ps]->element != 'item') {
                    continue;
                }
                // ignore non-textual properties
                if (!in_array($template->properties[$ps]->type, array("text", "textarea", "rich_textarea"))) {
                    continue;
                }
                $title = $template->properties[$ps]->name;
                if (!empty($theme)) {
                    $title = $theme->t($title);
                }
                $zones[] = array('type' => 'property', 'id' => $template->properties[$ps]->id, 'title' => $title);
            }
            echo json_encode($zones);
            core_terminate();
            break;
        case 95:
            // free path checking
            $path = $_REQUEST['path'];
            $id = $_REQUEST['id'];
            $DB->query('SELECT type, object_id, lang
	 					  FROM nv_paths
						 WHERE path = ' . protect($path) . '
						   AND website = ' . $website->id);
            $rs = $DB->result();
            echo json_encode($rs);
            core_terminate();
            break;
        case 96:
            // return category paths
            echo json_encode(path::loadElementPaths('structure', intval($_REQUEST['id'])));
            core_terminate();
            break;
        case 'json_find_user':
            // json find user by name request (for "moderator" autocomplete)
            $DB->query('
				SELECT id, username as text
				  FROM nv_users
				 WHERE username LIKE ' . protect('%' . $_REQUEST['username'] . '%') . '
		      ORDER BY username ASC
			     LIMIT 30', 'array
			');
            $rows = $DB->result();
            $total = $DB->foundRows();
            echo json_encode(array('items' => $rows, 'total_count' => $total));
            core_terminate();
            break;
        case 'json_find_item':
            // find items by its title
            // any language
            $template_filter = '';
            if (!empty($_REQUEST['template'])) {
                $template_filter = ' AND nvi.template = ' . protect($_REQUEST['template']) . ' ';
            }
            if (!empty($_REQUEST['association'])) {
                $template_filter = ' AND nvi.association = ' . protect($_REQUEST['association']) . ' ';
            }
            if (isset($_REQUEST['embedding'])) {
                $template_filter = ' AND nvi.embedding = ' . protect($_REQUEST['embedding']) . ' ';
            }
            $text = $_REQUEST['title'];
            if (!empty($_REQUEST['term'])) {
                // tagit request
                $text = $_REQUEST['term'];
            }
            $DB->query('
				SELECT SQL_CALC_FOUND_ROWS DISTINCT nvw.node_id as id, nvw.text as text
				  FROM nv_webdictionary nvw, nv_items nvi
				 WHERE nvw.node_type = "item"
				   AND nvw.node_id = nvi.id
				   ' . $template_filter . '
				   AND nvw.subtype = "title"
				   AND nvw.website = ' . $website->id . '
				   AND nvw.website = nvi.website
				   AND nvw.text LIKE ' . protect('%' . $text . '%') . '
		        GROUP BY nvw.node_id, nvw.text
		        ORDER BY nvw.text ASC
			     LIMIT ' . intval($_REQUEST['page_limit']) . '
			     OFFSET ' . max(0, intval($_REQUEST['page_limit']) * (intval($_REQUEST['page']) - 1)), 'array');
            $rows = $DB->result();
            $total = $DB->foundRows();
            if ($_REQUEST['association'] == 'free') {
                for ($i = 0; $i < count($rows); $i++) {
                    $rows[$i]['path'] = $DB->query_single('path', 'nv_paths', '	website = ' . protect($website->id) . ' AND 
							type="item" AND 
							object_id="' . $rows[$i]['id'] . '" AND 
							lang="' . $website->languages_list[0] . '"
						');
                    if (empty($rows[$i]['path'])) {
                        $rows[$i]['path'] = '/node/' . $rows[$i]['id'];
                    }
                }
            }
            if (empty($_REQUEST['format']) || $_REQUEST['format'] == 'select2') {
                echo json_encode(array('items' => $rows, 'totalCount' => $total));
            } else {
                if ($_REQUEST['format'] == 'tagit') {
                    $tags_json = array();
                    foreach ($rows as $row) {
                        $tags_json[] = json_decode('{ "id": "' . $row['id'] . '", "label": "' . $row['text'] . '", "value": "' . $row['text'] . '" }');
                    }
                    echo json_encode($tags_json);
                }
            }
            core_terminate();
            break;
        case 98:
            // change comment status
            if (empty($_REQUEST['id'])) {
                echo "false";
                core_terminate();
            }
            switch ($_REQUEST['opt']) {
                case 'publish':
                    $DB->execute('
						UPDATE nv_comments
						   SET status = 0
						 WHERE website = ' . $website->id . ' AND
						       id = ' . $_REQUEST['id']);
                    break;
                case 'unpublish':
                    $DB->execute('
						UPDATE nv_comments
						   SET status = 1
						 WHERE website = ' . $website->id . ' AND
						       id = ' . $_REQUEST['id']);
                    break;
                case 'delete':
                    $DB->execute('
						DELETE FROM nv_comments
						 WHERE website = ' . $website->id . ' AND
							   id = ' . $_REQUEST['id']);
                    break;
            }
            $error = $DB->get_last_error();
            if (empty($error)) {
                echo 'true';
            } else {
                echo 'false';
            }
            core_terminate();
            break;
        case 'autosave':
            if (!empty($_REQUEST['id'])) {
                $iDictionary = array();
                foreach ($_REQUEST as $key => $value) {
                    if (strpos($key, 'section-') === 0) {
                        $lang = substr($key, -2, 2);
                        $kname = substr($key, 0, strlen($key) - 3);
                        $iDictionary[$lang][$kname] = $value;
                    }
                }
                $changed = webdictionary_history::save_element_strings('item', intval($_REQUEST['id']), $iDictionary, true);
                if ($changed) {
                    echo 'changes_saved';
                } else {
                    echo 'no_changes';
                }
                core_terminate();
            }
            echo 'false';
            core_terminate();
            break;
        case 'votes_reset':
            webuser_vote::remove_object_votes('item', intval($_REQUEST['id']));
            echo 'true';
            core_terminate();
            break;
        case 'votes_by_webuser':
            if ($_POST['oper'] == 'del') {
                $ids = explode(',', $_POST['id']);
                for ($i = 0; $i < count($ids); $i++) {
                    if ($ids[$i] > 0) {
                        $vote = new webuser_vote();
                        $vote->load($ids[$i]);
                        $vote->delete();
                    }
                }
                webuser_vote::update_object_score('item', $vote->object_id);
                echo 'true';
                core_terminate();
            }
            $max = intval($_GET['rows']);
            $page = intval($_GET['page']);
            $offset = ($page - 1) * $max;
            if ($_REQUEST['_search'] == 'false') {
                list($dataset, $total) = webuser_vote::object_votes_by_webuser('item', intval($_REQUEST['id']), $_REQUEST['sidx'] . ' ' . $_REQUEST['sord'], $offset, $max);
            }
            $out = array();
            for ($i = 0; $i < count($dataset); $i++) {
                if (empty($dataset[$i])) {
                    continue;
                }
                $out[$i] = array(0 => $dataset[$i]['id'], 1 => core_ts2date($dataset[$i]['date'], true), 2 => $dataset[$i]['username']);
            }
            navitable::jqgridJson($out, $page, $offset, $max, $total);
            core_terminate();
            break;
        case 'items_order':
            if (!empty($_POST['items-order'])) {
                // save new order
                $response = item::reorder($_POST['items-order']);
                if ($response !== true) {
                    echo $response['error'];
                } else {
                    echo 'true';
                }
            } else {
                // show ordered list
                echo items_order($_REQUEST['category']);
            }
            core_terminate();
            break;
        case 'json_tags_search':
            $tags = nvweb_tags_retrieve(null, null, 'top', $_REQUEST['term'], $_REQUEST['lang']);
            $tags_json = array();
            foreach (array_keys($tags) as $tag) {
                $tags_json[] = json_decode('{ "id": "' . $tag . '", "label": "' . $tag . '", "value": "' . $tag . '" }');
            }
            echo json_encode($tags_json);
            core_terminate();
            break;
        case 'json_tags_ranking':
            $tags = nvweb_tags_retrieve(100, null, 'top', null, $_REQUEST['lang']);
            $tags = array_keys($tags);
            echo json_encode($tags);
            core_terminate();
            break;
        case 'list':
        case 0:
            // list / search result
        // list / search result
        default:
            $out = items_list();
            break;
    }
    return $out;
}
Beispiel #10
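/**
 * Dispatches a websites-management backend request according to $_REQUEST['act'].
 *
 * AJAX actions echo their response and end the request (core_terminate() or
 * exit); the form and list actions return whatever websites_form() /
 * websites_list() produce.
 *
 * Security-relevant behaviour of this dispatcher:
 *  - actions that change data or open outbound connections are gated by a
 *    $user->permission() check ('websites.edit' / 'websites.delete');
 *  - the request copy handed to users_log::action() has the password fields
 *    removed, so credentials are not passed to the log in clear text;
 *  - the grid ORDER BY is limited to the selected columns and ASC/DESC.
 *
 * @return mixed output of websites_form()/websites_list(), or '' when the
 *               action produced nothing to render
 */
function run()
{
    global $user;
    global $layout;
    global $DB;
    global $website;
    $out = '';
    $item = new website();
    // Request copy used for logging only: 'password' (remove_content) and
    // 'mail_password' (email settings) must not reach users_log::action().
    $log_request = $_REQUEST;
    unset($log_request['password'], $log_request['mail_password']);
    $log_payload = json_encode($log_request);
    switch ($_REQUEST['act']) {
        case 'json':
        case 1:
            // json data retrieval & operations
            switch ($_REQUEST['oper']) {
                case 'search_links':
                    // active website only!
                    $text = $_REQUEST['text'];
                    $lang = $_REQUEST['lang'];
                    if (empty($lang)) {
                        $lang = array_keys($website->languages)[0];
                    }
                    $DB->query('
						SELECT p.path, d.text
						  FROM nv_paths p, nv_webdictionary d
						 WHERE p.website = ' . protect($website->id) . ' AND
						       p.lang = ' . protect($lang) . ' AND
						       d.website = p.website AND
						       d.node_type = p.type AND
						       d.node_id = p.object_id AND
						       d.lang = p.lang AND
						       d.subtype = "title" AND 
						       (    
						            p.path LIKE ' . protect('%' . $text . '%') . '  OR  
									d.text LIKE ' . protect('%' . $text . '%') . ' 
						       )
						 ORDER BY d.id DESC
						 LIMIT 10
					');
                    $result = $DB->result();
                    echo json_encode($result);
                    core_terminate();
                    break;
                case 'del':
                    // remove rows
                    if ($user->permission('websites.delete') == 'true') {
                        // tolerate a missing or scalar "ids" parameter
                        $ids = isset($_REQUEST['ids']) ? (array) $_REQUEST['ids'] : array();
                        foreach ($ids as $id) {
                            // intval() of a non-empty array is 1, so nested arrays are
                            // skipped instead of being turned into website id 1
                            if (!is_scalar($id) || intval($id) <= 0) {
                                continue;
                            }
                            $item->load(intval($id));
                            $item->delete();
                        }
                        echo json_encode(true);
                    }
                    core_terminate();
                    break;
                default:
                    // list or search
                    $page = intval($_REQUEST['page']);
                    $max = intval($_REQUEST['rows']);
                    $offset = ($page - 1) * $max;
                    // ORDER BY cannot be bound as a parameter: accept only the columns
                    // selected below and a fixed direction, falling back to "id ASC"
                    $sortable = array('id', 'name', 'subdomain', 'domain', 'folder', 'homepage', 'permission', 'favicon');
                    $sidx = isset($_REQUEST['sidx']) && is_string($_REQUEST['sidx']) ? $_REQUEST['sidx'] : '';
                    if (!in_array($sidx, $sortable, true)) {
                        $sidx = 'id';
                    }
                    $sord = 'ASC';
                    if (isset($_REQUEST['sord']) && is_string($_REQUEST['sord']) && strtolower($_REQUEST['sord']) == 'desc') {
                        $sord = 'DESC';
                    }
                    $orderby = $sidx . ' ' . $sord;
                    $where = " 1=1 ";
                    if ($_REQUEST['_search'] == 'true' || isset($_REQUEST['quicksearch'])) {
                        // NOTE(review): the three helpers below receive raw request values and
                        // their result is appended to the WHERE clause; confirm they escape input
                        if (isset($_REQUEST['quicksearch'])) {
                            $where .= $item->quicksearch($_REQUEST['quicksearch']);
                        } else {
                            if (isset($_REQUEST['filters'])) {
                                $where .= navitable::jqgridsearch($_REQUEST['filters']);
                            } else {
                                // single search
                                $where .= ' AND ' . navitable::jqgridcompare($_REQUEST['searchField'], $_REQUEST['searchOper'], $_REQUEST['searchString']);
                            }
                        }
                    }
                    $DB->queryLimit('id,name,subdomain,domain,folder,homepage,permission,favicon', 'nv_websites', $where, $orderby, $offset, $max);
                    $dataset = $DB->result();
                    $total = $DB->foundRows();
                    $out = array();
                    $permissions = array(0 => '<img src="img/icons/silk/world.png" align="absmiddle" /> ' . t(69, 'Published'), 1 => '<img src="img/icons/silk/world_dawn.png" align="absmiddle" /> ' . t(70, 'Private'), 2 => '<img src="img/icons/silk/world_night.png" align="absmiddle" /> ' . t(81, 'Hidden'));
                    for ($i = 0; $i < count($dataset); $i++) {
                        $homepage = 'http://';
                        $homepage_relative_url = $dataset[$i]['homepage'];
                        if (is_numeric($homepage_relative_url)) {
                            // a numeric homepage is a structure id; use its first path
                            $homepage_relative_url = path::loadElementPaths('structure', $homepage_relative_url);
                            $homepage_relative_url = array_shift($homepage_relative_url);
                        }
                        if (!empty($dataset[$i]['subdomain'])) {
                            $homepage .= $dataset[$i]['subdomain'] . '.';
                        }
                        $homepage .= $dataset[$i]['domain'] . $dataset[$i]['folder'] . $homepage_relative_url;
                        $favicon = '';
                        if (!empty($dataset[$i]['favicon'])) {
                            $favicon = '<img src="' . NVWEB_OBJECT . '?type=img&id=' . $dataset[$i]['favicon'] . '&width=16&height=16" align="absmiddle" height="16" />';
                        }
                        // NOTE(review): name, domain, folder and favicon are placed into HTML cells
                        // as stored; confirm they are escaped when saved, otherwise encode them here
                        $out[$i] = array(0 => $dataset[$i]['id'], 1 => $favicon, 2 => $dataset[$i]['name'], 3 => '<a href="' . $homepage . '" target="_blank"><img align="absmiddle" src="' . NAVIGATE_URL . '/img/icons/silk/house_link.png"></a> ' . $homepage, 4 => $permissions[$dataset[$i]['permission']]);
                    }
                    navitable::jqgridJson($out, $page, $offset, $max, $total);
                    break;
            }
            session_write_close();
            exit;
            break;
        case 'edit':
        case 2:
            // edit/new form
            if (!empty($_REQUEST['id'])) {
                $item->load(intval($_REQUEST['id']));
            }
            if (isset($_REQUEST['form-sent']) && $user->permission('websites.edit') == 'true') {
                $item->load_from_post();
                try {
                    $item->save();
                    // reload from the database so the form shows what was actually stored
                    $id = $item->id;
                    unset($item);
                    $item = new website();
                    $item->load($id);
                    $layout->navigate_notification(t(53, "Data saved successfully."), false, false, 'fa fa-check');
                } catch (Exception $e) {
                    $layout->navigate_notification($e->getMessage(), true, true);
                }
                if (!empty($item->id)) {
                    users_log::action($_REQUEST['fid'], $item->id, 'save', $item->name, $log_payload);
                }
            } else {
                if (!empty($item->id)) {
                    users_log::action($_REQUEST['fid'], $item->id, 'load', $item->name);
                }
            }
            $out = websites_form($item);
            break;
        case 'remove':
        case 4:
            if (!empty($_REQUEST['id']) && $user->permission('websites.delete') == 'true') {
                $item->load(intval($_REQUEST['id']));
                if ($item->delete() > 0) {
                    $layout->navigate_notification(t(55, 'Item removed successfully.'), false);
                    if (!empty($item->id)) {
                        users_log::action($_REQUEST['fid'], $item->id, 'remove', $item->name, $log_payload);
                    }
                    // if we don't have any websites, tell user a new one will be created
                    $test = $DB->query_single('id', 'nv_websites');
                    if (empty($test) || !$test) {
                        $layout->navigate_notification(t(520, 'No website found; a default one has been created.'), false, true);
                        $nwebsite = new website();
                        $nwebsite->create_default();
                    }
                    $out = websites_list();
                } else {
                    $layout->navigate_notification(t(56, 'Unexpected error.'), false);
                    $out = websites_form($item);
                }
            }
            break;
        case 5:
            // search an existing path
            // NOTE(review): the website id is taken from the request ("wid") and no
            // permission is checked here; confirm callers may list paths of any website
            $DB->query('SELECT path as id, path as label, path as value
						  FROM nv_paths
						 WHERE path LIKE ' . protect('%' . $_REQUEST['term'] . '%') . '
						   AND website = ' . protect($_REQUEST['wid']) . '
				      ORDER BY path ASC
					     LIMIT 30', 'array');
            echo json_encode($DB->result());
            core_terminate();
            break;
        case 'email_test':
            // The mail server, port and recipient all come from the request, so this
            // action makes the server connect to a caller-chosen host; it is limited
            // to users who may edit websites, like the settings form itself.
            if ($user->permission('websites.edit') == 'true') {
                $website->mail_mailer = $_REQUEST['mail_mailer'];
                $website->mail_server = $_REQUEST['mail_server'];
                $website->mail_port = $_REQUEST['mail_port'];
                $website->mail_address = $_REQUEST['mail_address'];
                $website->mail_user = $_REQUEST['mail_user'];
                $website->mail_security = $_REQUEST['mail_security'] == "true" || $_REQUEST['mail_security'] == "1" ? "1" : "0";
                if (!empty($_REQUEST['mail_password'])) {
                    $website->mail_password = $_REQUEST['mail_password'];
                }
                $ok = navigate_send_email(APP_NAME, APP_NAME . '<br /><br />' . NAVIGATE_URL, $_REQUEST['send_to']);
            } else {
                $ok = false;
            }
            echo json_encode($ok);
            core_terminate();
            break;
        case 'reset_statistics':
            if ($user->permission('websites.edit') == 'true') {
                $website_id = trim($_REQUEST['website']);
                $website_id = intval($website_id);
                $DB->execute('UPDATE nv_items SET views = 0 WHERE website = ' . $website_id);
                $DB->execute('UPDATE nv_paths SET views = 0 WHERE website = ' . $website_id);
                $DB->execute('UPDATE nv_structure SET views = 0 WHERE website = ' . $website_id);
                echo 'true';
                users_log::action($_REQUEST['fid'], $website_id, 'reset_statistics', "", $log_payload);
            }
            core_terminate();
            break;
        case 'replace_urls':
            $old = trim($_REQUEST['old']);
            $new = trim($_REQUEST['new']);
            // same normalisation as reset_statistics / remove_content
            $website_id = intval(trim($_REQUEST['website']));
            // bulk rewrite of stored content: require the same permission as reset_statistics
            if ($user->permission('websites.edit') == 'true' && !empty($old) && !empty($new)) {
                // replace occurrences in nv_webdictionary
                $ok_dictionary = $DB->execute('
					UPDATE nv_webdictionary
					   SET text = replace(text, :old, :new)
					 WHERE website = :wid', array(':old' => $old, ':new' => $new, ':wid' => $website_id));
                // replace occurrences in nv_blocks (triggers & actions)
                $ok_blocks = $DB->execute('
					UPDATE nv_blocks
					   SET `trigger` = replace(`trigger`, :old, :new),
					   	   `action` = replace(`action`, :old, :new)
					 WHERE website = :wid', array(':old' => $old, ':new' => $new, ':wid' => $website_id));
                // report success only when both updates succeeded
                $ok = $ok_dictionary && $ok_blocks;
                echo $ok ? 'true' : 'false';
                if ($ok) {
                    users_log::action($_REQUEST['fid'], $website_id, 'replace_urls', "", $log_payload);
                }
            } else {
                echo 'false';
            }
            core_terminate();
            break;
        case 'remove_content':
            $website_id = trim($_REQUEST['website']);
            $website_id = intval($website_id);
            $password = trim($_REQUEST['password']);
            // Wiping a website's content needs the delete permission (as 'remove' does)
            // in addition to re-entering the current user's password.
            $authenticated = $user->permission('websites.delete') == 'true' && $user->authenticate($user->username, $password);
            if ($authenticated) {
                // remove all content except Webusers and Files
                @set_time_limit(0);
                $ok = $DB->execute('
					DELETE FROM nv_blocks WHERE website = ' . $website_id . ';
					DELETE FROM nv_block_groups WHERE website = ' . $website_id . ';
					DELETE FROM nv_comments WHERE website = ' . $website_id . ';
					DELETE FROM nv_structure WHERE website = ' . $website_id . ';
					DELETE FROM nv_feeds WHERE website = ' . $website_id . ';
					DELETE FROM nv_items WHERE website = ' . $website_id . ';
					DELETE FROM nv_notes WHERE website = ' . $website_id . ';
					DELETE FROM nv_paths WHERE website = ' . $website_id . ';
					DELETE FROM nv_properties WHERE website = ' . $website_id . ';
					DELETE FROM nv_properties_items WHERE website = ' . $website_id . ';
					DELETE FROM nv_search_log WHERE website = ' . $website_id . ';
					DELETE FROM nv_webdictionary WHERE website = ' . $website_id . ';
					DELETE FROM nv_webdictionary_history WHERE website = ' . $website_id . ';
				');
                if ($ok) {
                    // $log_payload no longer contains the password typed for this action
                    users_log::action($_REQUEST['fid'], $website_id, 'remove_content', "", $log_payload);
                }
                echo $ok ? 'true' : $DB->error();
            } else {
                echo '';
            }
            core_terminate();
            break;
        case 0:
            // list / search result
        default:
            $out = websites_list();
            break;
    }
    return $out;
}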
Beispiel #11
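/**
 * Dispatch a feeds back-office request according to $_REQUEST['act'].
 *
 * act 1 answers jqGrid AJAX calls (bulk delete, list/search) and terminates;
 * act 2 shows or saves the edit form; act 4 removes one feed; 'path_check'
 * reports which objects already use a path; anything else renders the list.
 *
 * Every branch reads $_REQUEST directly, so values are cast or allow-listed
 * before they reach SQL. No CSRF token or permission check is visible in this
 * function. NOTE(review): confirm the caller enforces both, because the 'del'
 * operation and act 4 delete rows on a plain request.
 *
 * @return mixed output of feeds_list() / feeds_form(), or '' when nothing was produced
 * @throws Exception when the grid query fails
 */
function run()
{
    global $user;
    global $layout;
    global $DB;
    global $website;
    $out = '';
    $item = new feed();
    switch ($_REQUEST['act']) {
        case 1:
            // json data retrieval & operations
            switch ($_REQUEST['oper']) {
                case 'del':
                    // remove rows; ids must arrive as an array, anything else is ignored
                    $ids = (isset($_REQUEST['ids']) && is_array($_REQUEST['ids'])) ? $_REQUEST['ids'] : array();
                    foreach ($ids as $id) {
                        // feed ids are integers (see the intval() casts in acts 2 and 4)
                        // NOTE(review): load()/delete() are not shown here; confirm they
                        // refuse rows that belong to another website.
                        $item->load(intval($id));
                        $item->delete();
                    }
                    echo json_encode(true);
                    break;
                default:
                    // list or search
                    // clamp paging so LIMIT/OFFSET can never become negative
                    $page = max(1, intval($_REQUEST['page']));
                    $max = max(0, intval($_REQUEST['rows']));
                    $offset = ($page - 1) * $max;
                    // ORDER BY cannot take a bound value, so the client-supplied sort
                    // column is accepted only as a plain, optionally table-qualified
                    // identifier and the direction only as ASC/DESC. Anything else
                    // (including multi-column sort strings) falls back to f.id.
                    $sort_column = (isset($_REQUEST['sidx']) && is_string($_REQUEST['sidx'])) ? trim($_REQUEST['sidx']) : '';
                    if (!preg_match('/^[A-Za-z_][A-Za-z0-9_]*(\.[A-Za-z_][A-Za-z0-9_]*)?$/', $sort_column)) {
                        $sort_column = 'f.id';
                    }
                    $sort_direction = 'ASC';
                    if (isset($_REQUEST['sord']) && is_string($_REQUEST['sord']) && strtolower(trim($_REQUEST['sord'])) == 'desc') {
                        $sort_direction = 'DESC';
                    }
                    $orderby = $sort_column . ' ' . $sort_direction;
                    $where = " f.website = " . $website->id;
                    $searching = isset($_REQUEST['_search']) && $_REQUEST['_search'] == 'true';
                    if ($searching || isset($_REQUEST['quicksearch'])) {
                        // NOTE(review): quicksearch(), jqgridsearch() and jqgridcompare()
                        // return SQL fragments built from request data; their escaping is
                        // not visible here and should be verified.
                        if (isset($_REQUEST['quicksearch'])) {
                            $where .= $item->quicksearch($_REQUEST['quicksearch']);
                        } else {
                            if (isset($_REQUEST['filters'])) {
                                $where .= navitable::jqgridsearch($_REQUEST['filters']);
                            } else {
                                // single search
                                $where .= ' AND ' . navitable::jqgridcompare($_REQUEST['searchField'], $_REQUEST['searchOper'], $_REQUEST['searchString']);
                            }
                        }
                    }
                    $sql = ' SELECT SQL_CALC_FOUND_ROWS f.*, d.text as title
							   FROM nv_feeds f
						  LEFT JOIN nv_webdictionary d
						  		 	 ON f.id = d.node_id
								 	AND d.node_type = "feed"
									AND d.subtype = "title"
									AND d.lang = "' . $website->languages_list[0] . '"
									AND d.website = ' . $website->id . '
							  WHERE ' . $where . '	
						   ORDER BY ' . $orderby . ' 
							  LIMIT ' . $max . '
							 OFFSET ' . $offset;
                    if (!$DB->query($sql, 'array')) {
                        throw new Exception($DB->get_last_error());
                    }
                    $dataset = $DB->result();
                    $total = $DB->foundRows();
                    $out = array();
                    // icon + label shown for each permission value
                    $permissions = array(
                        0 => '<img src="img/icons/silk/world.png" align="absmiddle" /> ' . t(69, 'Published'),
                        1 => '<img src="img/icons/silk/world_dawn.png" align="absmiddle" /> ' . t(70, 'Private'),
                        2 => '<img src="img/icons/silk/world_night.png" align="absmiddle" /> ' . t(81, 'Hidden')
                    );
                    $rows = empty($dataset) ? 0 : count($dataset);
                    for ($i = 0; $i < $rows; $i++) {
                        $row = $dataset[$i];
                        // NOTE(review): title is sent to the grid as stored; confirm the
                        // grid encodes cell values before rendering them.
                        $out[$i] = array(
                            0 => $row['id'],
                            1 => $row['title'],
                            2 => count(explode(',', $row['categories'])),
                            3 => $row['format'],
                            4 => $row['views'],
                            5 => $permissions[$row['permission']],
                            6 => $row['enabled'] == 1 ? '<img src="img/icons/silk/accept.png" />' : '<img src="img/icons/silk/cancel.png" />'
                        );
                    }
                    navitable::jqgridJson($out, $page, $offset, $max, $total);
                    break;
            }
            core_terminate();
            break;
        case 2:
            // edit/new form
            if (!empty($_REQUEST['id'])) {
                $item->load(intval($_REQUEST['id']));
            }
            if (isset($_REQUEST['form-sent'])) {
                $item->load_from_post();
                try {
                    $item->save();
                    // reload from the database so the form shows what was actually stored
                    $id = $item->id;
                    unset($item);
                    $item = new feed();
                    $item->load($id);
                    $layout->navigate_notification(t(53, "Data saved successfully."), false, false, 'fa fa-check');
                } catch (Exception $e) {
                    $layout->navigate_notification($e->getMessage(), true, true);
                }
            }
            $out = feeds_form($item);
            break;
        case 4:
            // remove
            if (!empty($_REQUEST['id'])) {
                $item->load(intval($_REQUEST['id']));
                if ($item->delete() > 0) {
                    $layout->navigate_notification(t(55, 'Item removed successfully.'), false);
                } else {
                    $layout->navigate_notification(t(56, 'Unexpected error.'), false);
                }
                // the list is shown again whether or not the removal worked
                $out = feeds_list();
            }
            break;
        case "path_check":
            // check if a requested path is not used; the path goes through protect()
            // before it is placed in the statement
            $path = $_REQUEST['path'];
            $DB->query('SELECT type, object_id, lang
	 					  FROM nv_paths
						 WHERE path = ' . protect($path) . '
						   AND website = ' . $website->id);
            $rs = $DB->result();
            echo json_encode($rs);
            core_terminate();
            break;
        case 0:
            // list / search result
        default:
            $out = feeds_list();
            break;
    }
    return $out;
}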
Beispiel #12
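/**
 * Dispatch a backups back-office request according to $_REQUEST['act'].
 *
 * act 1 answers jqGrid AJAX calls (bulk delete, list/search) and terminates;
 * act 2 shows or saves the edit form; act 4 removes one backup; 'backup' runs
 * the backup after releasing the client; 'download' streams the backup file;
 * 'restore' is not implemented; anything else renders the list.
 *
 * Every branch reads $_REQUEST directly, so values are cast or allow-listed
 * before they reach SQL or the filesystem. No CSRF token or permission check is
 * visible in this function. NOTE(review): confirm the caller enforces both;
 * backups hold a full copy of the site, so 'download' is a sensitive endpoint.
 *
 * @return mixed output of backups_list() / backups_form(), or '' when nothing was produced
 * @throws Exception when the grid query fails
 */
function run()
{
    global $user;
    global $layout;
    global $DB;
    global $website;
    $out = '';
    $item = new backup();
    switch ($_REQUEST['act']) {
        case 1:
            // json data retrieval & operations
            switch ($_REQUEST['oper']) {
                case 'del':
                    // remove rows; ids must arrive as an array, anything else is ignored
                    $ids = (isset($_REQUEST['ids']) && is_array($_REQUEST['ids'])) ? $_REQUEST['ids'] : array();
                    foreach ($ids as $id) {
                        // backup ids are integers (see the intval() casts in the other acts)
                        // NOTE(review): load()/delete() are not shown here; confirm they
                        // refuse rows that belong to another website.
                        $item->load(intval($id));
                        $item->delete();
                    }
                    echo json_encode(true);
                    break;
                default:
                    // list or search
                    // clamp paging so LIMIT/OFFSET can never become negative
                    $page = max(1, intval($_REQUEST['page']));
                    $max = max(0, intval($_REQUEST['rows']));
                    $offset = ($page - 1) * $max;
                    // ORDER BY cannot take a bound value, so the client-supplied sort
                    // column is accepted only as a plain, optionally table-qualified
                    // identifier and the direction only as ASC/DESC. Anything else
                    // (including multi-column sort strings) falls back to i.id.
                    $sort_column = (isset($_REQUEST['sidx']) && is_string($_REQUEST['sidx'])) ? trim($_REQUEST['sidx']) : '';
                    if (!preg_match('/^[A-Za-z_][A-Za-z0-9_]*(\.[A-Za-z_][A-Za-z0-9_]*)?$/', $sort_column)) {
                        $sort_column = 'i.id';
                    }
                    $sort_direction = 'ASC';
                    if (isset($_REQUEST['sord']) && is_string($_REQUEST['sord']) && strtolower(trim($_REQUEST['sord'])) == 'desc') {
                        $sort_direction = 'DESC';
                    }
                    $orderby = $sort_column . ' ' . $sort_direction;
                    $where = " i.website = " . $website->id;
                    $searching = isset($_REQUEST['_search']) && $_REQUEST['_search'] == 'true';
                    if ($searching || isset($_REQUEST['quicksearch'])) {
                        // NOTE(review): quicksearch(), jqgridsearch() and jqgridcompare()
                        // return SQL fragments built from request data; their escaping is
                        // not visible here and should be verified.
                        if (isset($_REQUEST['quicksearch'])) {
                            $where .= $item->quicksearch($_REQUEST['quicksearch']);
                        } else {
                            if (isset($_REQUEST['filters'])) {
                                $where .= navitable::jqgridsearch($_REQUEST['filters']);
                            } else {
                                // single search
                                $where .= ' AND ' . navitable::jqgridcompare($_REQUEST['searchField'], $_REQUEST['searchOper'], $_REQUEST['searchString']);
                            }
                        }
                    }
                    $sql = ' SELECT SQL_CALC_FOUND_ROWS i.*
							   FROM nv_backups i
							  WHERE ' . $where . '	
						   ORDER BY ' . $orderby . ' 
							  LIMIT ' . $max . '
							 OFFSET ' . $offset;
                    if (!$DB->query($sql, 'array')) {
                        throw new Exception($DB->get_last_error());
                    }
                    $dataset = $DB->result();
                    $total = $DB->foundRows();
                    $out = array();
                    $rows = empty($dataset) ? 0 : count($dataset);
                    for ($i = 0; $i < $rows; $i++) {
                        $row = $dataset[$i];
                        $out[$i] = array(
                            0 => $row['id'],
                            1 => core_ts2date($row['date_created'], true),
                            2 => $row['title'],
                            3 => core_bytes($row['size']),
                            4 => backup::status($row['status'])
                        );
                    }
                    navitable::jqgridJson($out, $page, $offset, $max, $total);
                    break;
            }
            core_terminate();
            break;
        case 2:
            // edit/new form
            if (!empty($_REQUEST['id'])) {
                $item->load(intval($_REQUEST['id']));
            }
            if (isset($_REQUEST['form-sent']) && $_REQUEST['form-sent'] == 'true') {
                $item->load_from_post();
                try {
                    // update an existing backup
                    $item->save();
                    $layout->navigate_notification(t(53, "Data saved successfully."), false, false, 'fa fa-check');
                } catch (Exception $e) {
                    $layout->navigate_notification($e->getMessage(), true, true);
                }
            }
            $out = backups_form($item);
            break;
        case 4:
            // remove
            if (!empty($_REQUEST['id'])) {
                $item->load(intval($_REQUEST['id']));
                if ($item->delete() > 0) {
                    $layout->navigate_notification(t(55, 'Item removed successfully.'), false);
                } else {
                    $layout->navigate_notification(t(56, 'Unexpected error.'), false);
                }
                // Fixed: the failure path used to render webdictionary_list(), the
                // list of a different module; both outcomes return to the backups list.
                $out = backups_list();
            }
            break;
        case 'backup':
            if (!empty($_REQUEST['id'])) {
                // Answer the client with a fixed-size padding body and close the
                // connection, then keep working: the backup itself runs after the
                // browser believes the request has finished.
                @set_time_limit(0);
                @ignore_user_abort(true);
                $foo = str_pad('Navigate CMS ', 2048, 'Navigate CMS  ');
                header("HTTP/1.1 200 OK");
                header("Content-Length: " . strlen($foo));
                echo $foo;
                header('Connection: close');
                ob_end_flush();
                ob_flush();
                flush();
                // release the session lock so other requests of this user are not blocked
                session_write_close();
                // now the process is running in the server, the client thinks the http request has finished
                $item->load(intval($_REQUEST['id']));
                $item->backup();
            }
            core_terminate();
            break;
        case 'restore':
            // TO DO: Restore
            break;
        case 'download':
            // download backup
            $item->load(intval($_REQUEST['id']));
            $backup_path = NAVIGATE_PRIVATE . $item->file;
            // Only stream when the record resolved to a real file: an unknown id
            // leaves $item->file empty, and the path would then point at the
            // private directory itself.
            // NOTE(review): confirm load() only returns backups of the current website.
            if (!empty($item->file) && is_file($backup_path)) {
                ob_end_flush();
                header('Content-type: application/zip');
                header("Content-Length: " . filesize($backup_path));
                // quotes are stripped so the stored name cannot break out of the header value
                header('Content-Disposition: attachment; filename="' . str_replace('"', '', basename($item->file)) . '"');
                readfile($backup_path);
            } else {
                header('HTTP/1.1 404 Not Found');
            }
            core_terminate();
            break;
        case 0:
            // list / search result
        default:
            $out = backups_list();
            break;
    }
    return $out;
}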
Beispiel #13
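/**
 * Dispatch a file-manager back-office request according to $_REQUEST['act'].
 *
 * act 1 / 'json' answers AJAX operations selected by $_REQUEST['op'] (upload
 * registration, folder and file edits, duplicate, move, delete, permissions,
 * description, focal point, video info) and exits; act 2 / 'edit' shows or saves
 * the properties form; act 10 / 'media_browser' calls the media browser;
 * act 92 / 'pixlr_exit' refreshes the preview after the image editor closes;
 * anything else renders the folder browser.
 *
 * Every branch reads $_REQUEST / $_POST directly. File and folder ids are cast
 * to integers before use. No CSRF token or permission check is visible in this
 * function. NOTE(review): confirm the caller enforces both, because several
 * operations modify or delete files on a plain request.
 *
 * @return mixed output of files_item_properties() / files_browser(), or '' when nothing was produced
 */
function run()
{
    global $user;
    global $layout;
    global $DB;
    global $website;
    $out = '';
    $item = new file();
    switch ($_REQUEST['act']) {
        case 1:
            // json retrieval & operations
        case "json":
            $op = isset($_REQUEST['op']) ? $_REQUEST['op'] : '';
            switch ($op) {
                case 'upload':
                    $tmp_name = $_REQUEST['tmp_name'];
                    if ($tmp_name == "{{BASE64}}") {
                        $tmp_name = base64_encode($_REQUEST['name']);
                    }
                    // NOTE(review): tmp_name and name come from the client;
                    // register_upload() is not shown here, so confirm it resolves
                    // tmp_name inside the upload directory only and does not trust
                    // the supplied name for the stored path or type.
                    $file = file::register_upload($tmp_name, $_REQUEST['name'], $_REQUEST['parent']);
                    if (!empty($file)) {
                        echo json_encode(array('id' => $file->id, 'name' => $file->name));
                    } else {
                        echo json_encode(false);
                    }
                    break;
                case 'create_folder':
                    file::create_folder($_REQUEST['name'], $_REQUEST['mime'], $_REQUEST['parent']);
                    echo json_encode(true);
                    break;
                case 'edit_folder':
                    $f = new file();
                    $f->load(intval($_REQUEST['id']));
                    $f->name = $_REQUEST['name'];
                    $f->mime = $_REQUEST['mime'];
                    $ok = $f->save();
                    echo json_encode($ok);
                    break;
                case 'edit_file':
                    $f = new file();
                    $f->load(intval($_REQUEST['id']));
                    $f->name = $_REQUEST['name'];
                    $ok = $f->save();
                    echo json_encode($ok);
                    break;
                case 'duplicate_file':
                    $status = false;
                    $source_id = intval($_REQUEST['id']);
                    $f = new file();
                    $f->load($source_id);
                    // resetting the id makes insert() create a new record
                    $f->id = 0;
                    $f->insert();
                    if (!empty($f->id)) {
                        $files_dir = NAVIGATE_PRIVATE . '/' . $website->id . '/files/';
                        $done = copy($files_dir . $source_id, $files_dir . $f->id);
                        $status = "true";
                        if (!$done) {
                            // roll back the new record when the bytes could not be copied
                            $f->delete();
                            $status = t(56, "Unexpected error");
                        }
                    }
                    echo $status;
                    break;
                case 'move':
                    // ids are cast to integers, as in the other operations
                    $folder = intval($_REQUEST['folder']);
                    if (is_array($_REQUEST['item'])) {
                        $ok = true;
                        foreach (array_values($_REQUEST['item']) as $moved_id) {
                            unset($item);
                            $item = new file();
                            $item->load(intval($moved_id));
                            $item->parent = $folder;
                            // update() is evaluated first so every item is still
                            // processed after an earlier failure
                            $ok = $item->update() && $ok;
                        }
                        echo json_encode($ok ? true : false);
                    } else {
                        $item->load(intval($_REQUEST['item']));
                        $item->parent = $folder;
                        echo json_encode($item->update());
                    }
                    break;
                case 'delete':
                    try {
                        $item->load(intval($_REQUEST['id']));
                        $status = $item->delete();
                        echo json_encode($status);
                    } catch (Exception $e) {
                        // NOTE(review): the raw exception text is returned to the
                        // client; check that it cannot carry paths or SQL details.
                        echo $e->getMessage();
                    }
                    break;
                case 'permissions':
                    $item->load(intval($_REQUEST['id']));
                    if (!empty($_POST)) {
                        $item->access = intval($_POST['access']);
                        $item->permission = intval($_POST['permission']);
                        $item->enabled = intval($_POST['enabled']);
                        $item->groups = isset($_POST['groups']) ? $_POST['groups'] : null;
                        // group lists are only kept for access levels 3 and above
                        if ($item->access < 3) {
                            $item->groups = array();
                        }
                        $status = $item->save();
                        echo json_encode($status);
                    } else {
                        echo json_encode(array('access' => $item->access, 'groups' => $item->groups, 'permission' => $item->permission, 'enabled' => $item->enabled));
                    }
                    break;
                case 'description':
                    $item->load(intval($_REQUEST['id']));
                    if (!empty($_POST)) {
                        $item->title = array();
                        $item->description = array();
                        foreach ($website->languages as $language) {
                            $lcode = $language['code'];
                            // stops at the first language without a submitted title
                            if (!isset($_REQUEST['titles'][$lcode])) {
                                break;
                            }
                            $item->title[$lcode] = $_REQUEST['titles'][$lcode];
                            $item->description[$lcode] = $_REQUEST['descriptions'][$lcode];
                        }
                        $status = $item->save();
                        echo json_encode($status);
                    } else {
                        // return file title and description (alt)
                        $data = array('title' => $item->title, 'description' => $item->description);
                        echo json_encode($data);
                    }
                    break;
                case 'focalpoint':
                    $item->load(intval($_REQUEST['id']));
                    if (!empty($_POST)) {
                        $top = isset($_REQUEST['top']) ? $_REQUEST['top'] : '';
                        $left = isset($_REQUEST['left']) ? $_REQUEST['left'] : '';
                        // The stored value is echoed back verbatim by the read branch
                        // below, so only numeric coordinates are accepted.
                        if (is_numeric($top) && is_numeric($left)) {
                            $item->focalpoint = $top . '#' . $left;
                            $status = $item->save();
                            // remove cached thumbnails
                            file::thumbnails_remove($item->id);
                            echo json_encode($status);
                        } else {
                            echo json_encode(false);
                        }
                    } else {
                        if (empty($item->focalpoint)) {
                            // default to the image centre and persist it
                            $item->focalpoint = '50#50';
                            $item->save();
                            // remove cached thumbnails
                            file::thumbnails_remove($item->id);
                        }
                        echo $item->focalpoint;
                    }
                    break;
                case 'video_info':
                    if ($_REQUEST['provider'] == 'youtube') {
                        // second argument false: force cache reload
                        $item->load_from_youtube($_REQUEST['reference'], false);
                    } elseif ($_REQUEST['provider'] == 'vimeo') {
                        // second argument false: force cache reload
                        $item->load_from_vimeo($_REQUEST['reference'], false);
                    } else {
                        // local video: the id is in 'reference' or, failing that, in 'provider'
                        if (!empty($_REQUEST['reference']) && is_numeric($_REQUEST['reference'])) {
                            $item->load(intval($_REQUEST['reference']));
                        } elseif (is_numeric($_REQUEST['provider'])) {
                            $item->load(intval($_REQUEST['provider']));
                        } else {
                            unset($item);
                        }
                        if (!empty($item)) {
                            // add some extra data
                            // Fixed: the src attribute was missing its closing quote,
                            // which produced a malformed <video> tag.
                            $item->extra = array(
                                'reference' => $item->id,
                                'link' => '',
                                'thumbnail' => 'img/icons/ricebowl/mimetypes/video.png',
                                'thumbnail_big' => 'img/icons/ricebowl/mimetypes/video.png',
                                'thumbnail_url' => 'img/icons/ricebowl/mimetypes/video.png',
                                'duration' => '',
                                'embed_code' => '<video src="' . file::file_url($item->id, 'inline') . '"></video>'
                            );
                        }
                    }
                    if (!empty($item)) {
                        echo json_encode($item);
                    } else {
                        // echo false prints an empty body
                        echo false;
                    }
                    break;
            }
            session_write_close();
            $DB->disconnect();
            exit;
        case 2:
            // show/edit item properties
        case "edit":
            $file_id = intval($_REQUEST['id']);
            $item->load($file_id);
            if (isset($_REQUEST['form-sent'])) {
                $item->load_from_post();
                try {
                    $item->save();
                    // reload from the database so the form shows what was actually stored
                    unset($item);
                    $item = new file();
                    $item->load($file_id);
                    $layout->navigate_notification(t(53, "Data saved successfully."), false, false, 'fa fa-check');
                } catch (Exception $e) {
                    $layout->navigate_notification($e->getMessage(), true, true);
                }
            }
            $out = files_item_properties($item);
            break;
        case 10:
        case 'media_browser':
            // NOTE(review): limit and offset are passed through unchanged; confirm
            // files_media_browser() casts them before they reach a query.
            files_media_browser($_GET['limit'], $_GET['offset']);
            break;
        case 92:
            // pixlr (image editor) overlay remover
        case 'pixlr_exit':
            ob_clean();
            file::thumbnails_remove(intval($_GET['id']));
            // static page: no request data is written into the markup
            echo '
			<html>
			<head></head>
			<body>
			<script language="javascript" type="text/javascript">
				//window.parent.eval("$(\'#thumbnail-cache\').attr(\'src\', $(\'#thumbnail-cache\').attr(\'src\') + \'&refresh=\' + new Date().getTime());");
				window.parent.eval(\'$("#image-preview").attr("src", $("#image-preview").attr("src") + "&refresh=" + new Date().getTime());\');
				window.parent.eval("pixlr.overlay.hide();");
			</script>
			</body>
			</html>	
			';
            core_terminate();
            break;
        // act 91 (Picnik editor hand-off) existed here only as commented-out code
        // and has been dropped. It placed session_id() in outbound URLs and printed
        // parameters into form attributes unescaped; neither should be reintroduced.
        case 0:
            // list / search result
        default:
            // show requested folder or search
            $out = files_browser($_REQUEST['parent'], $_REQUEST['navigate-quicksearch']);
            // NOTE(review): the whole request is written to the user log; confirm no
            // sensitive fields can end up there.
            users_log::action($_REQUEST['fid'], intval($_REQUEST['parent']), 'list', '', json_encode($_REQUEST));
            break;
    }
    return $out;
}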
Beispiel #14
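/**
 * Dispatch a comments back-office request according to $_REQUEST['act'].
 *
 * 'json' / act 1 answers jqGrid AJAX calls (bulk delete, list/search) and exits;
 * act 2 / 'edit' shows or saves the edit form; act 4 / 'remove' removes one
 * comment; 'remove_spam' purges spam; 'json_find_webuser', 'json_find_comment'
 * and act 91 feed autocomplete widgets; anything else renders the list.
 *
 * Comments are written by site visitors, so both the request parameters and the
 * stored comment fields are treated as untrusted: numeric parameters are cast
 * before they reach SQL and comment text is escaped before it is placed in HTML.
 * No CSRF token or permission check is visible in this function.
 * NOTE(review): confirm the caller enforces both, because 'del', 'remove' and
 * 'remove_spam' delete rows on a plain request.
 *
 * @return mixed output of comments_list() / comments_form(), or '' when nothing was produced
 */
function run()
{
    global $user;
    global $layout;
    global $DB;
    global $website;
    $out = '';
    $item = new comment();
    switch ($_REQUEST['act']) {
        case 'json':
        case 1:
            // json data retrieval & operations
            switch ($_REQUEST['oper']) {
                case 'del':
                    // remove rows; ids must arrive as an array, anything else is ignored
                    $ids = (isset($_REQUEST['ids']) && is_array($_REQUEST['ids'])) ? $_REQUEST['ids'] : array();
                    foreach ($ids as $id) {
                        // comment ids are integers (see the intval() casts in the other acts)
                        // NOTE(review): load()/delete() are not shown here; confirm they
                        // refuse rows that belong to another website.
                        $item->load(intval($id));
                        $item->delete();
                    }
                    echo json_encode(true);
                    break;
                default:
                    // list or search
                    // clamp paging so the limit and offset can never become negative
                    $page = max(1, intval($_REQUEST['page']));
                    $max = max(0, intval($_REQUEST['rows']));
                    $offset = ($page - 1) * $max;
                    // ORDER BY cannot take a bound value, so the client-supplied sort
                    // column is accepted only as a plain, optionally table-qualified
                    // identifier and the direction only as ASC/DESC. Anything else
                    // (including multi-column sort strings) falls back to id.
                    $sort_column = (isset($_REQUEST['sidx']) && is_string($_REQUEST['sidx'])) ? trim($_REQUEST['sidx']) : '';
                    if (!preg_match('/^[A-Za-z_][A-Za-z0-9_]*(\.[A-Za-z_][A-Za-z0-9_]*)?$/', $sort_column)) {
                        $sort_column = 'id';
                    }
                    $sort_direction = 'ASC';
                    if (isset($_REQUEST['sord']) && is_string($_REQUEST['sord']) && strtolower(trim($_REQUEST['sord'])) == 'desc') {
                        $sort_direction = 'DESC';
                    }
                    $orderby = $sort_column . ' ' . $sort_direction;
                    $where = ' website = ' . $website->id;
                    $searching = isset($_REQUEST['_search']) && $_REQUEST['_search'] == 'true';
                    if ($searching || isset($_REQUEST['quicksearch'])) {
                        // NOTE(review): quicksearch(), jqgridsearch() and jqgridcompare()
                        // return SQL fragments built from request data; their escaping is
                        // not visible here and should be verified.
                        if (isset($_REQUEST['quicksearch'])) {
                            $where .= $item->quicksearch($_REQUEST['quicksearch']);
                        } else {
                            if (isset($_REQUEST['filters'])) {
                                $where .= navitable::jqgridsearch($_REQUEST['filters']);
                            } else {
                                // single search
                                $where .= ' AND ' . navitable::jqgridcompare($_REQUEST['searchField'], $_REQUEST['searchOper'], $_REQUEST['searchString']);
                            }
                        }
                    }
                    $DB->queryLimit('id,item,user,email,date_created,status,message', 'nv_comments', $where, $orderby, $offset, $max);
                    $dataset = $DB->result();
                    $total = $DB->foundRows();
                    $out = array();
                    // icon + label shown for each comment status
                    $permissions = array(
                        -1 => '<img src="img/icons/silk/new.png" align="absmiddle" /> ' . t(257, 'To review'),
                        0 => '<img src="img/icons/silk/world.png" align="absmiddle" /> ' . t(64, 'Published'),
                        1 => '<img src="img/icons/silk/world_dawn.png" align="absmiddle" /> ' . t(251, 'Private'),
                        2 => '<img src="img/icons/silk/world_night.png" align="absmiddle" /> ' . t(181, 'Hidden'),
                        3 => '<img src="img/icons/silk/error.png" align="absmiddle" /> ' . t(466, 'Spam')
                    );
                    $rows = empty($dataset) ? 0 : count($dataset);
                    for ($i = 0; $i < $rows; $i++) {
                        if (empty($dataset[$i])) {
                            continue;
                        }
                        $row = $dataset[$i];
                        // retrieve webuser name; anonymous comments have no user id,
                        // so the lookup is skipped and the e-mail is shown instead
                        $webuser = '';
                        if (!empty($row['user'])) {
                            $webuser = $DB->query_single('username', 'nv_webusers', ' id = ' . intval($row['user']));
                        }
                        // retrieve item title
                        $commented_item = new item();
                        $commented_item->load($row['item']);
                        $title = $commented_item->dictionary[$website->languages_list[0]]['title'];
                        $message = core_string_clean($row['message']);
                        $message = core_string_cut($message, 60, '&hellip;');
                        // NOTE(review): title, e-mail and username are sent to the grid
                        // as stored and the e-mail is visitor-supplied; confirm the grid
                        // encodes cell values before rendering them.
                        $out[$i] = array(
                            0 => $row['id'],
                            1 => $title,
                            2 => core_ts2date($row['date_created'], true),
                            3 => empty($row['user']) ? $row['email'] : $webuser,
                            4 => strip_tags($message),
                            5 => $permissions[$row['status']]
                        );
                    }
                    navitable::jqgridJson($out, $page, $offset, $max, $total);
                    break;
            }
            session_write_close();
            exit;
        case 2:
            // edit/new form
        case 'edit':
            if (!empty($_REQUEST['id'])) {
                $item->load(intval($_REQUEST['id']));
            }
            if (isset($_REQUEST['form-sent'])) {
                $item->load_from_post();
                try {
                    $item->save();
                    property::save_properties_from_post('comment', $item->id);
                    $layout->navigate_notification(t(53, "Data saved successfully."), false, false, 'fa fa-check');
                } catch (Exception $e) {
                    $layout->navigate_notification($e->getMessage(), true, true);
                }
                if (!empty($item->id)) {
                    users_log::action($_REQUEST['fid'], $item->id, 'save', $item->name, json_encode($_REQUEST));
                }
            } else {
                if (!empty($item->id)) {
                    users_log::action($_REQUEST['fid'], $item->id, 'load', $item->name);
                }
            }
            $out = comments_form($item);
            break;
        case 4:
            // remove
        case 'remove':
            if (!empty($_REQUEST['id'])) {
                $item->load(intval($_REQUEST['id']));
                if ($item->delete() > 0) {
                    $layout->navigate_notification(t(55, 'Item removed successfully.'), false);
                    $out = comments_list();
                    if (!empty($item->id)) {
                        users_log::action($_REQUEST['fid'], $item->id, 'remove', $item->name, json_encode($_REQUEST));
                    }
                } else {
                    $layout->navigate_notification(t(56, 'Unexpected error.'), false);
                    $out = comments_form($item);
                }
            }
            break;
        case 'remove_spam':
            $count = comment::remove_spam();
            $layout->navigate_notification(t(524, 'Items removed successfully') . ': <strong>' . $count . '</strong>', false);
            $out = comments_list();
            users_log::action($_REQUEST['fid'], $website->id, 'remove_spam', "", json_encode($_REQUEST));
            break;
        case 'json_find_webuser':
            // json find webuser by name (for "user" autocomplete)
            $DB->query('SELECT id, username as text
						  FROM nv_webusers
						 WHERE username LIKE ' . protect('%' . $_REQUEST['username'] . '%') . '
				      ORDER BY username ASC
					     LIMIT 30', 'array');
            $rows = $DB->result();
            $total = $DB->foundRows();
            echo json_encode(array('items' => $rows, 'totalCount' => $total));
            core_terminate();
            break;
        case 'json_find_comment':
            // json find comment by text search (for "in reply to" autocomplete)
            // Fixed: node_id, maxdate and exclude were concatenated into the
            // statement unquoted and unescaped. They are numeric, so each is cast
            // to an integer before use.
            $node_id = isset($_REQUEST['node_id']) ? intval($_REQUEST['node_id']) : 0;
            $maxdate = isset($_REQUEST['maxdate']) ? intval($_REQUEST['maxdate']) : 0;
            $exclude = isset($_REQUEST['exclude']) ? intval($_REQUEST['exclude']) : 0;
            $search_pattern = protect('%' . $_REQUEST['search'] . '%');
            $DB->query('SELECT c.id, c.date_created, c.name, u.username, c.message
						  FROM nv_comments c
						  LEFT JOIN nv_webusers u ON c.user = u.id
						 WHERE
						    c.website = ' . $website->id . ' AND
						    c.item = ' . $node_id . ' AND
						    c.date_created <= ' . $maxdate . ' AND
						    c.id <> ' . $exclude . ' AND
						    (   c.name LIKE ' . $search_pattern . ' OR
						        c.message LIKE ' . $search_pattern . ' OR
						        u.username LIKE ' . $search_pattern . '
                            )
				      ORDER BY c.date_created DESC
					     LIMIT 30', 'array');
            $rows = $DB->result();
            $total = $DB->foundRows();
            $found = empty($rows) ? 0 : count($rows);
            for ($r = 0; $r < $found; $r++) {
                // Fixed: author name, username and message are visitor-supplied and
                // were placed in the markup unescaped. double_encode is off so
                // entities already present in the stored text are not encoded twice.
                $tooltip = htmlspecialchars(core_string_cut($rows[$r]['message'], 100), ENT_QUOTES, 'UTF-8', false);
                $author = htmlspecialchars($rows[$r]['name'] . $rows[$r]['username'], ENT_QUOTES, 'UTF-8', false);
                $rows[$r]['text'] = '<span title="' . $tooltip . '"><i class="fa fa-user"></i> ' . $author . ' <i class="fa fa-clock-o"></i> ' . core_ts2date($rows[$r]['date_created'], true) . '</span>';
            }
            // NOTE(review): the raw name, username and message columns are still
            // part of each row in the response; confirm the client does not insert
            // them into the page as HTML.
            echo json_encode(array('items' => $rows, 'totalCount' => $total));
            core_terminate();
            break;
        case 91:
            // json search title request (for "item" autocomplete)
            $DB->query('SELECT DISTINCT node_id as id, text as label, text as value
						  FROM nv_webdictionary
						 WHERE node_type = "item"
						   AND subtype = "title"
						   AND website = ' . $website->id . ' 
						   AND text LIKE ' . protect('%' . $_REQUEST['title'] . '%') . '
				      ORDER BY text ASC
					     LIMIT 30', 'array');
            // AND lang = '.protect($_REQUEST['lang']).'
            echo json_encode($DB->result());
            session_write_close();
            exit;
        case 0:
            // list / search result
        default:
            $out = comments_list();
            break;
    }
    return $out;
}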
Beispiel #15
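/**
 * Dashboard request dispatcher.
 *
 * Routes on $_REQUEST['act']:
 *  - 'json' with oper 'settings_panels': stores the submitted panel state in the user's settings.
 *  - 'json' with oper 'feed': loads the feed at $_REQUEST['url'] and echoes it as HTML.
 *  - 'recent_items': echoes the entries from users_log::recent_items() as JSON, each with a prebuilt link.
 *  - anything else: returns the markup built by dashboard_create().
 *
 * NOTE(review): no permission or anti-CSRF check is visible in this function; presumably the
 * caller enforces both — confirm, since 'settings_panels' changes stored state.
 *
 * @return string markup of the default view; '' for the branches that only echo
 */
function run()
{
    global $user;
    // the branches that only echo used to reach "return $out" with $out undefined
    $out = '';
    switch (@$_REQUEST['act']) {
        case 'json':
            switch ($_REQUEST['oper']) {
                case 'settings_panels':
                    // save dashboard panels state
                    $dashboard_panels = $_REQUEST['dashboard_panels'];
                    $user->setting('dashboard-panels', json_encode($dashboard_panels));
                    echo json_encode(true);
                    core_terminate();
                    break;
                case 'feed':
                    // defined up front: it was left unset (and then echoed) when the feed had no items
                    $feed_html = '';
                    // The URL comes from the request and is fetched by the server, so only plain
                    // web schemes are accepted (no file://, php:// or other stream wrappers).
                    // NOTE(review): internal hosts remain reachable over http(s); an allow-list of
                    // feed hosts would be needed to close that.
                    $feed_url = isset($_REQUEST['url']) && is_string($_REQUEST['url']) ? $_REQUEST['url'] : '';
                    $feed_scheme = strtolower((string) parse_url($feed_url, PHP_URL_SCHEME));
                    if ($feed_scheme === 'http' || $feed_scheme === 'https') {
                        $feed = new feed_parser();
                        // once update each 4 hours
                        $feed->set_cache(4 * 3600);
                        $feed->load($feed_url);
                        list($channel, $articles, $count) = $feed->parse(0, $_REQUEST['limit'], 'newest');
                        $items = item::convert_from_rss($articles);
                        $display_language = $_REQUEST['language'];
                        if (!empty($items)) {
                            for ($c = 0; $c < count($items); $c++) {
                                if (empty($items[$c])) {
                                    break;
                                }
                                if (!isset($items[$c]->dictionary[$display_language])) {
                                    // requested language not available, get the first available in the feed
                                    // (the fallback language stays selected for the following items too)
                                    $feed_languages = array_keys($items[$c]->dictionary);
                                    $display_language = $feed_languages[0];
                                }
                                // attribute values originate in the remote feed: escape them for the attribute context
                                // NOTE(review): escaping does not reject a non-http(s) link scheme — validate the scheme separately
                                $item_href = htmlspecialchars($items[$c]->paths[$display_language], ENT_QUOTES, 'UTF-8');
                                $item_dom_id = htmlspecialchars('navigatecms-feed-item-' . $items[$c]->id, ENT_QUOTES, 'UTF-8');
                                // NOTE(review): 'title' and 'section-main' are written out as HTML exactly as
                                // convert_from_rss() returned them; confirm they are sanitised upstream, otherwise
                                // markup from the remote feed renders inside the admin dashboard.
                                $tmp = array('<div class="navigate-panel-body-title ui-corner-all">' . '<a href="' . $item_href . '" target="_blank">' . core_ts2date($items[$c]->date_to_display, true) . ' ' . '<strong>' . $items[$c]->dictionary[$display_language]['title'] . '</strong>' . '</a>' . '</div>', '<div id="' . $item_dom_id . '" class="navigate-panel-recent-feed-element">' . $items[$c]->dictionary[$display_language]['section-main'] . '</div>');
                                $feed_html .= implode("\n", $tmp);
                            }
                        }
                    }
                    echo $feed_html;
                    core_terminate();
                    break;
                default:
                    // list or search
            }
            break;
        case 'recent_items':
            // NOTE(review): the 10 is passed to recent_items(), not to value_or_default(); the closing
            // parenthesis looks misplaced — confirm the signatures before moving it.
            $ri = users_log::recent_items(value_or_default($_REQUEST['limit']), 10);
            if (!is_array($ri)) {
                $ri = array();
            }
            for ($i = 0; $i < count($ri); $i++) {
                $action = $ri[$i];
                $ri[$i]->_url = '?fid=' . $action->function . '&wid=' . $action->website . '&act=load&id=' . $action->item;
                // href and src are escaped like the title attribute already was
                // NOTE(review): the visible link text relies on core_string_cut() returning markup-free
                // text — confirm, item titles are user-editable content.
                $ri[$i]->_link = '<a href="' . htmlspecialchars($ri[$i]->_url, ENT_QUOTES, 'UTF-8') . '" title="' . htmlspecialchars($action->item_title) . ' | ' . htmlspecialchars(t($action->function_title, $action->function_title)) . '"><img src="' . htmlspecialchars($action->function_icon, ENT_QUOTES, 'UTF-8') . '" align="absmiddle" /> ' . core_string_cut($action->item_title, 33) . '</a>';
            }
            echo json_encode($ri);
            core_terminate();
            break;
        default:
            $out = dashboard_create();
    }
    return $out;
}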
// Tail of the packaging script: $zipfile and $current_version are created earlier, outside this excerpt.
// NOTE(review): none of the file_get_contents() results are checked; a missing source file yields
// false and is still handed to addFile(), so a broken package would be written without any error.
$zipfile->addFile(file_get_contents(NAVIGATE_PATH . '/web/.htaccess.example'), 'web/.htaccess.example');
// empty placeholder files, so that the cache/ and updates/ folders exist in the archive
$zipfile->addFile('', 'cache/empty.txt');
$zipfile->addFile('', 'updates/empty.txt');
$zipfile->addFile(file_get_contents(NAVIGATE_PATH . '/themes/theme_kit.zip'), 'themes/theme_kit.zip');
$contents = $zipfile->file();
file_put_contents("distribution/package.zip", $contents);
unset($zipfile);
/*	6/ Repack SQL, setup.php and package.zip as Navigate.zip (no logo is added in the lines shown here)	*/
$zipfile = new zipfile();
$zipfile->addFile(file_get_contents('setup.php'), 'setup.php');
$zipfile->addFile(file_get_contents('distribution/navigate.sql'), 'navigate.sql');
$zipfile->addFile(file_get_contents('distribution/package.zip'), 'package.zip');
// the release archive is written to the current working directory, named after version and revision
file_put_contents("navigate-" . $current_version->version . "r" . $current_version->revision . ".zip", $zipfile->file());
/*	7/ Remove temporary files	*/
rrmdir('distribution');
core_terminate();
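/**
 * Recursively delete a directory and everything below it.
 *
 * Does nothing when $dir is not a directory. Entries are classified with filetype(), which
 * reports symbolic links as "link", so a link found inside the tree is unlinked and never
 * followed. The top-level argument is tested with is_dir(), which does follow links: pass a
 * real directory, not a link to one.
 *
 * @param string $dir path of the directory to remove
 * @return void
 */
function rrmdir($dir)
{
    if (!is_dir($dir)) {
        return;
    }
    $objects = scandir($dir);
    if ($objects === false) {
        // unreadable directory: nothing to walk, rmdir() below reports the failure
        $objects = array();
    }
    foreach ($objects as $object) {
        if ($object === "." || $object === "..") {
            continue;
        }
        $path = $dir . "/" . $object;
        if (filetype($path) == "dir") {
            rrmdir($path);
        } else {
            unlink($path);
        }
    }
    rmdir($dir);
}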
Beispiel #17
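/**
 * Extensions manager request dispatcher.
 *
 * Routes on $_REQUEST['act']: shows an extension's info page, enables / disables / removes an
 * extension, renders its options or a dialog, calls its plugin or run entry point, installs an
 * extension from a marketplace link or from an uploaded ZIP, and by default returns the grid of
 * installed extensions.
 *
 * Security-relevant behaviour of this version:
 *  - the extension code is treated as untrusted wherever it reaches HTML, a filesystem path or a
 *    function name;
 *  - 'install_from_hash' only downloads http(s) URLs and only accepts a plain directory name as code;
 *  - 'extension_upload' refuses an upload whose file name yields an empty extension name.
 *
 * NOTE(review): 'disable', 'enable', 'remove', 'options', 'dialog' and 'process' show no permission
 * check, and no anti-CSRF token is verified anywhere in this function (several actions also work
 * over GET). Presumably the caller enforces this — confirm.
 *
 * @return string markup to render; '' when the branch only echoes its response
 */
function run()
{
    global $user;
    global $layout;
    global $DB;
    global $website;
    $out = '';
    $item = new extension();
    switch ($_REQUEST['act']) {
        case 'extension_info':
            // request data ends up inside an HTML attribute: encode it as one URL path segment
            // (which also keeps "/" out of the path) and escape the whole attribute value
            $info_code = rawurlencode((string) $_REQUEST['extension']);
            $info_src = NAVIGATE_URL . '/plugins/' . $info_code . '/' . $info_code . '.info.html';
            echo '<iframe src="' . htmlspecialchars($info_src, ENT_QUOTES, 'UTF-8') . '" scrolling="auto" frameborder="0"  width="100%" height="100%"></iframe>';
            core_terminate();
            break;
        case 'disable':
            $extension = new extension();
            $extension->load($_REQUEST['extension']);
            $extension->enabled = 0;
            $ok = $extension->save();
            echo json_encode($ok);
            core_terminate();
            break;
        case 'enable':
            $extension = new extension();
            $extension->load($_REQUEST['extension']);
            $extension->enabled = 1;
            $ok = $extension->save();
            echo json_encode($ok);
            core_terminate();
            break;
        // TODO: rework favorite extensions as user's favorite (not global)
        /*
        case 'favorite':
            $extension = new extension();
            $extension->load($_REQUEST['extension']);
            $extension->favorite = intval($_REQUEST['value']);
            $ok = $extension->save();
            echo json_encode($ok);
            core_terminate();
            break;
        */
        case 'remove':
            try {
                $extension = new extension();
                $extension->load($_REQUEST['extension']);
                $status = $extension->delete();
                echo json_encode($status);
            } catch (Exception $e) {
                echo $e->getMessage();
            }
            core_terminate();
            break;
        case 'options':
            $extension = new extension();
            $extension->load($_REQUEST['extension']);
            $status = null;
            if (isset($_REQUEST['form-sent'])) {
                $extension->load_from_post();
                $status = $extension->save();
            }
            $out = extensions_options($extension, $status);
            echo $out;
            core_terminate();
            break;
        case 'dialog':
            $extension = new extension();
            $extension->load($_REQUEST['extension']);
            $out = extensions_dialog($extension, $_REQUEST['function'], $_REQUEST);
            echo $out;
            core_terminate();
            break;
        case 'process':
            $extension = trim($_REQUEST['extension']);
            $plugin_function = "nvweb_" . $extension . "_plugin";
            // The callback name is built from request data. function_exists() only matches plain
            // functions, so the value cannot be turned into a "Class::method" callable.
            // NOTE(review): unlike 'run', this branch does not consult "extensions.allowed".
            if (function_exists($plugin_function)) {
                call_user_func($plugin_function, $_REQUEST);
            }
            core_terminate();
            break;
        case 'run':
            $extension = trim($_REQUEST['extension']);
            $extensions_allowed = $user->permission("extensions.allowed");
            // the name becomes part of an include path: accept a single directory name only
            $extension_is_plain_name = $extension !== '' && $extension !== '.' && $extension !== '..' && $extension === basename($extension) && strpos($extension, "\0") === false;
            if (!empty($extensions_allowed) && !in_array($extension, $extensions_allowed)) {
                $out = t(610, "Sorry, you are not allowed to execute this function.");
            } elseif ($extension_is_plain_name) {
                $run_file = NAVIGATE_PATH . '/plugins/' . $extension . '/run.php';
                if (file_exists($run_file)) {
                    include_once $run_file;
                    $run_function = $extension . '_run';
                    if (function_exists($run_function)) {
                        // direct call instead of eval(): same function, no code built from request data
                        $out = $run_function();
                    }
                }
            }
            break;
        case 'install_from_hash':
            $url = base64_decode($_GET['hash']);
            if (!empty($url) && $user->permission("extensions.install") == "true") {
                $error = false;
                parse_str((string) parse_url($url, PHP_URL_QUERY), $query);
                // 'code' is used as a file and directory name: accept a single path component only
                $code = isset($query['code']) && is_string($query['code']) ? $query['code'] : '';
                $code_is_plain_name = $code !== '' && $code !== '.' && $code !== '..' && $code === basename($code) && strpos($code, "\0") === false;
                // only fetch over http(s); the fallback below would otherwise also open local paths and stream wrappers
                // NOTE(review): the host is not restricted; pinning it to the marketplace host would
                // keep this from fetching and unpacking an archive from an arbitrary server.
                $scheme = strtolower((string) parse_url($url, PHP_URL_SCHEME));
                $url_is_remote = $scheme === 'http' || $scheme === 'https';
                $tmp_file = '';
                if ($code_is_plain_name && $url_is_remote) {
                    $tmp_file = sys_get_temp_dir() . DIRECTORY_SEPARATOR . $code . '.zip';
                    @core_file_curl($url, $tmp_file);
                    if (@filesize($tmp_file) == 0) {
                        @unlink($tmp_file);
                        // core file curl failed, try using file_get_contents...
                        $tmp = @file_get_contents($url);
                        if (!empty($tmp)) {
                            @file_put_contents($tmp_file, $tmp);
                        }
                        unset($tmp);
                    }
                }
                if ($tmp_file !== '' && @filesize($tmp_file) > 0) {
                    // uncompress ZIP and copy it to the extensions dir
                    @mkdir(NAVIGATE_PATH . '/plugins/' . $code);
                    $zip = new ZipArchive();
                    $zip_open_status = $zip->open($tmp_file);
                    if ($zip_open_status === TRUE) {
                        $zip->extractTo(NAVIGATE_PATH . '/plugins/' . $code);
                        $zip->close();
                        $layout->navigate_notification(t(374, "Item installed successfully."), false);
                    } else {
                        $layout->navigate_notification('ERROR ' . $zip_open_status, true, true);
                        $error = true;
                    }
                    // the downloaded archive is not needed once it has been processed
                    @unlink($tmp_file);
                } else {
                    $layout->navigate_notification(t(56, 'Unexpected error'), true, true);
                    $error = true;
                }
                if ($error) {
                    $layout->add_content('
                        <div id="navigate_marketplace_install_from_hash_error">
                            <p>' . t(529, "It has not been possible to download from the marketplace.") . '</p>
                            <p>' . t(530, "You have to visit your Marketplace Dashboard and download the file, then use the <strong>Install from file</strong> button you'll find in the actions bar on the right.") . '</p>
                            <p>' . t(531, "Sorry for the inconvenience.") . '</p>
                            <a class="uibutton" href="http://www.navigatecms.com/en/marketplace/dashboard" target="_blank"><span class="ui-icon ui-icon-extlink" style="float: left;"></span> ' . t(532, "Navigate CMS Marketplace") . '</a>
                        </div>
                    ');
                    $layout->add_script('
                        $("#navigate_marketplace_install_from_hash_error").dialog({
                            modal: true,
                            title: "' . t(56, "Unexpected error") . '"
                        });
                    ');
                }
            }
        // don't break, we want to show the themes grid right now (theme_upload by browser upload won't trigger)
        case 'extension_upload':
            if (isset($_FILES['extension-upload']) && $_FILES['extension-upload']['error'] == 0 && $user->permission("extensions.install") == "true") {
                // uncompress ZIP and copy it to the extensions dir
                $upload_name = $_FILES['extension-upload']['name'];
                $first_dot = strpos($upload_name, '.');
                // the extension name is the part of the file name before the first dot
                $tmp = $first_dot === false ? '' : trim(substr($upload_name, 0, $first_dot));
                $extension_name = filter_var($tmp, FILTER_SANITIZE_EMAIL);
                // an empty name would unpack the archive straight into the plugins folder itself
                if ($tmp === '' || $tmp !== $extension_name) {
                    $layout->navigate_notification(t(344, 'Security error'), true, true);
                } else {
                    @mkdir(NAVIGATE_PATH . '/plugins/' . $extension_name);
                    $zip = new ZipArchive();
                    if ($zip->open($_FILES['extension-upload']['tmp_name']) === TRUE) {
                        $zip->extractTo(NAVIGATE_PATH . '/plugins/' . $extension_name);
                        $zip->close();
                        $layout->navigate_notification(t(374, "Item installed successfully."), false);
                    } else {
                        $layout->navigate_notification(t(262, 'Error uploading file'), true, true);
                    }
                }
            }
        // no break: the installed extensions grid is shown after an install attempt
        default:
            $list = extension::list_installed(null, false);
            $out = extensions_grid($list);
            break;
    }
    return $out;
}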
Beispiel #18
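/**
 * Themes manager request dispatcher.
 *
 * Routes on $_REQUEST['act']: shows a theme's info page, removes an unused theme, imports or
 * exports sample content, installs a theme from a marketplace link or from an uploaded ZIP, and
 * by default (optionally after applying the theme named in the request to the current website)
 * returns the grid of available themes.
 *
 * Security-relevant behaviour of this version:
 *  - the theme code is escaped before it is written into the info iframe;
 *  - 'install_from_hash' only downloads http(s) URLs and only accepts a plain directory name as code;
 *  - 'theme_upload' refuses an upload whose file name yields an empty theme name.
 *
 * NOTE(review): 'remove', the sample content actions and the "opt=install" switch show no
 * permission check, and no anti-CSRF token is verified anywhere in this function. Presumably the
 * caller enforces this — confirm.
 *
 * @return string markup to render; '' when the branch only echoes its response
 */
function run()
{
    global $user;
    global $layout;
    global $website;
    global $theme;
    global $DB;
    $out = '';
    switch ($_REQUEST['act']) {
        case 'theme_info':
            // request data ends up inside an HTML attribute: encode it as one URL path segment
            // (which also keeps "/" out of the path) and escape the whole attribute value
            $info_code = rawurlencode((string) $_REQUEST['theme']);
            $info_src = NAVIGATE_URL . '/themes/' . $info_code . '/' . $info_code . '.info.html';
            echo '<iframe src="' . htmlspecialchars($info_src, ENT_QUOTES, 'UTF-8') . '" scrolling="auto" frameborder="0"  width="100%" height="100%"></iframe>';
            core_terminate();
            break;
        case 'remove':
            // check the theme is not actually used in any website
            $usages = $DB->query_single('COUNT(*)', 'nv_websites', ' theme = ' . protect($_REQUEST['theme']));
            if ($usages == 0) {
                try {
                    // note: this replaces the global $theme for the rest of the request
                    $theme = new theme();
                    $theme->load($_REQUEST['theme']);
                    $status = $theme->delete();
                    echo json_encode($status);
                } catch (Exception $e) {
                    echo $e->getMessage();
                }
            } else {
                $status = t(537, "Can't remove the theme because it is currently being used by another website.");
                echo $status;
            }
            core_terminate();
            break;
        /*
        case 'export':
            $out = themes_export_form();
            break;
        */
        case 'theme_sample_content_import':
            try {
                $theme->import_sample();
                $layout->navigate_notification(t(374, "Item installed successfully."), false);
            } catch (Exception $e) {
                $layout->navigate_notification($e->getMessage(), true, true);
            }
            $themes = theme::list_available();
            $out = themes_grid($themes);
            break;
        case 'theme_sample_content_export':
            if (empty($_POST)) {
                $out = themes_sample_content_export_form();
            } else {
                $categories = explode(',', $_POST['categories']);
                // NOTE(review): 'folder' is forwarded unchanged; confirm export_sample() restricts it
                // to the locations it is meant to read.
                $folder = $_POST['folder'];
                $items = explode(',', $_POST['elements']);
                $block_groups = explode(',', $_POST['block_groups']);
                $blocks = explode(',', $_POST['blocks']);
                $comments = explode(',', $_POST['comments']);
                theme::export_sample($categories, $items, $block_groups, $blocks, $comments, $folder);
                core_terminate();
            }
            break;
        case 'install_from_hash':
            $url = base64_decode($_GET['hash']);
            if (!empty($url) && $user->permission("themes.install") == "true") {
                $error = false;
                parse_str((string) parse_url($url, PHP_URL_QUERY), $query);
                // 'code' is used as a file and directory name: accept a single path component only
                $code = isset($query['code']) && is_string($query['code']) ? $query['code'] : '';
                $code_is_plain_name = $code !== '' && $code !== '.' && $code !== '..' && $code === basename($code) && strpos($code, "\0") === false;
                // only fetch over http(s); the fallback below would otherwise also open local paths and stream wrappers
                // NOTE(review): the host is not restricted; pinning it to the marketplace host would
                // keep this from fetching and unpacking an archive from an arbitrary server.
                $scheme = strtolower((string) parse_url($url, PHP_URL_SCHEME));
                $url_is_remote = $scheme === 'http' || $scheme === 'https';
                $tmp_file = '';
                if ($code_is_plain_name && $url_is_remote) {
                    $tmp_file = sys_get_temp_dir() . DIRECTORY_SEPARATOR . $code . '.zip';
                    @core_file_curl($url, $tmp_file);
                    if (@filesize($tmp_file) == 0) {
                        @unlink($tmp_file);
                        // core file curl failed, try using file_get_contents...
                        $tmp = @file_get_contents($url);
                        if (!empty($tmp)) {
                            @file_put_contents($tmp_file, $tmp);
                        }
                        unset($tmp);
                    }
                }
                if ($tmp_file !== '' && @filesize($tmp_file) > 0) {
                    // uncompress ZIP and copy it to the themes dir
                    @mkdir(NAVIGATE_PATH . '/themes/' . $code);
                    $zip = new ZipArchive();
                    $zip_open_status = $zip->open($tmp_file);
                    if ($zip_open_status === TRUE) {
                        $zip->extractTo(NAVIGATE_PATH . '/themes/' . $code);
                        $zip->close();
                        $layout->navigate_notification(t(374, "Item installed successfully."), false);
                    } else {
                        $layout->navigate_notification('ERROR ' . $zip_open_status, true, true);
                        $error = true;
                    }
                    // the downloaded archive is not needed once it has been processed
                    @unlink($tmp_file);
                } else {
                    $layout->navigate_notification(t(56, 'Unexpected error'), true, true);
                    $error = true;
                }
                if ($error) {
                    $layout->add_content('
                        <div id="navigate_marketplace_install_from_hash_error">
                            <p>' . t(529, "It has not been possible to download the item you have just bought from the marketplace.") . '</p>
                            <p>' . t(530, "You have to visit your Marketplace Dashboard and download the file, then use the <strong>Install from file</strong> button you'll find in the actions bar on the right.") . '</p>
                            <p>' . t(531, "Sorry for the inconvenience.") . '</p>
                            <a class="uibutton" href="http://www.navigatecms.com/en/marketplace/dashboard" target="_blank"><span class="ui-icon ui-icon-extlink" style="float: left;"></span> ' . t(532, "Navigate CMS Marketplace") . '</a>
                        </div>
                    ');
                    $layout->add_script('
                        $("#navigate_marketplace_install_from_hash_error").dialog({
                            modal: true,
                            title: "' . t(56, "Unexpected error") . '"
                        });
                    ');
                }
            }
        // don't break, we want to show the themes grid right now (theme_upload by browser upload won't trigger)
        case 'theme_upload':
            if (isset($_FILES['theme-upload']) && $_FILES['theme-upload']['error'] == 0 && $user->permission("themes.install") == "true") {
                // uncompress ZIP and copy it to the themes dir
                $upload_name = $_FILES['theme-upload']['name'];
                $first_dot = strpos($upload_name, '.');
                // the theme name is the part of the file name before the first dot
                $tmp = $first_dot === false ? '' : trim(substr($upload_name, 0, $first_dot));
                $theme_name = filter_var($tmp, FILTER_SANITIZE_EMAIL);
                // an empty name would unpack the archive straight into the themes folder itself
                if ($tmp === '' || $tmp !== $theme_name) {
                    $layout->navigate_notification(t(344, 'Security error'), true, true);
                } else {
                    @mkdir(NAVIGATE_PATH . '/themes/' . $theme_name);
                    $zip = new ZipArchive();
                    if ($zip->open($_FILES['theme-upload']['tmp_name']) === TRUE) {
                        $zip->extractTo(NAVIGATE_PATH . '/themes/' . $theme_name);
                        $zip->close();
                        $layout->navigate_notification(t(374, "Item installed successfully."), false);
                    } else {
                        $layout->navigate_notification(t(262, 'Error uploading file'), true, true);
                    }
                }
            }
        // don't break, we want to show the themes grid right now
        case 'themes':
        default:
            if (@$_REQUEST['opt'] == 'install') {
                // apply the requested theme to the current website, selecting its first style if it has any
                $ntheme = new theme();
                $ntheme->load($_REQUEST['theme']);
                $website->theme = $ntheme->name;
                if (!empty($ntheme->styles)) {
                    $nst = get_object_vars($ntheme->styles);
                    $nst = array_keys($nst);
                    if (!isset($website->theme_options) || empty($website->theme_options)) {
                        $website->theme_options = json_decode('{"style": ""}');
                    }
                    $website->theme_options->style = array_shift($nst);
                } else {
                    if (!isset($website->theme_options) || empty($website->theme_options)) {
                        $website->theme_options = json_decode('{"style": ""}');
                    } else {
                        $website->theme_options->style = "";
                    }
                }
                try {
                    $website->update();
                    $layout->navigate_notification(t(374, "Item installed successfully."), false);
                } catch (Exception $e) {
                    $layout->navigate_notification($e->getMessage(), true, true);
                }
            }
            $themes = theme::list_available();
            $out = themes_grid($themes);
            break;
    }
    return $out;
}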
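 /**
  * Send every web user of the current website to the browser as a CSV download.
  *
  * Reads the listed columns from nv_webusers for $website->id, writes a translated header row
  * plus one row per user to a temporary file, streams that file as "webusers.csv" and then
  * ends the request through core_terminate().
  *
  * The export holds personal data (e-mail, address, phone, private comment).
  * NOTE(review): no permission check is visible in this method; presumably the caller restricts
  * it — confirm.
  * NOTE(review): values are written as stored. Fields that web users can set themselves may begin
  * with "=", "+", "-" or "@", which spreadsheet programs evaluate as formulas; decide whether
  * such cells should be neutralised on export.
  *
  * @param string $type export format; not read by the current code, CSV is always produced
  * @return void
  */
 public static function export($type = 'csv')
 {
     global $DB;
     global $website;
     $DB->query('
         SELECT id, website, username, email, groups, fullname, gender,
             ' . '
             birthdate, language, country, timezone,
             address, zipcode, location, phone, social_website,
             joindate, lastseen, newsletter, private_comment, 
             access, access_begin, access_end
         FROM nv_webusers
         WHERE website = ' . protect($website->id), 'array');
     // header row, in the same order as the selected columns
     $fields = array("id", t(177, 'Website') . ' [NV]', t(1, 'User'), t(44, 'E-Mail'), t(506, 'Groups'), t(159, 'Name'), t(304, 'Gender'), t(248, 'Birthdate'), t(46, 'Language'), t(224, 'Country'), t(97, 'Timezone'), t(233, 'Address'), t(318, 'Zip code'), t(319, 'Location'), t(320, 'Phone'), t(177, 'Website'), t(247, 'Date joined'), t(563, 'Last seen'), t(249, 'Newsletter'), t(538, 'Private comment'), t(364, 'Access'), t(364, 'Access') . ' / ' . t(623, 'Begin'), t(364, 'Access') . ' / ' . t(624, 'End'));
     $out = $DB->result();
     if (!is_array($out)) {
         $out = array();
     }
     // name the temp directory explicitly instead of relying on the fallback for an empty path
     $temp_file = tempnam(sys_get_temp_dir(), 'nv_');
     $fp = $temp_file === false ? false : fopen($temp_file, 'w');
     if ($fp === false) {
         // nothing can be exported; do not send download headers for a file that was never written
         if ($temp_file !== false) {
             @unlink($temp_file);
         }
         core_terminate();
         return;
     }
     fputcsv($fp, $fields);
     foreach ($out as $row) {
         fputcsv($fp, $row);
     }
     // close before measuring, so that Content-Length matches the bytes actually on disk
     fclose($fp);
     clearstatcache();
     header('Content-Description: File Transfer');
     header('Content-Type: text/csv');
     header('Content-Disposition: attachment; filename=' . basename('webusers.csv'));
     header('Expires: 0');
     header('Cache-Control: must-revalidate');
     header('Pragma: public');
     header('Content-Length: ' . filesize($temp_file));
     // drop anything already buffered so that only the CSV reaches the client
     if (ob_get_level() > 0) {
         ob_clean();
     }
     flush();
     readfile($temp_file);
     @unlink($temp_file);
     core_terminate();
 }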
Beispiel #20
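/**
 * Templates manager request dispatcher.
 *
 * Routes on $_REQUEST['act']:
 *  - 'json' / 1: grid operations selected by $_REQUEST['oper'] (delete rows, or list / search).
 *  - 'load' / 2: edit form; saves the template first when the form was submitted.
 *  - 'save_template_file': writes the submitted source into the template's file.
 *  - 4: removes one template.
 *  - 'template_property_load' / '_save' / '_remove': property operations answered as JSON.
 *  - anything else: the templates list.
 *
 * Changes in this version: the removal is logged with the same argument order as the other
 * users_log::action() calls, a failed removal returns the templates list, the 'del' operation
 * tolerates a missing or scalar 'ids' value, and 'save_template_file' only writes inside the
 * website's templates folder.
 *
 * NOTE(review): no permission check and no anti-CSRF token are visible in this function, although
 * it deletes records and writes files. Presumably the caller enforces both — confirm.
 *
 * @return string markup to render; '' when the branch only echoes its response
 */
function run()
{
    global $user;
    global $layout;
    global $DB;
    global $website;
    $out = '';
    $item = new template();
    switch ($_REQUEST['act']) {
        case 'json':
        case 1:
            // json data retrieval & operations
            switch ($_REQUEST['oper']) {
                case 'del':
                    // remove rows
                    $ids = isset($_REQUEST['ids']) ? (array) $_REQUEST['ids'] : array();
                    foreach ($ids as $id) {
                        $item->load($id);
                        $item->delete();
                    }
                    echo json_encode(true);
                    break;
                default:
                    // list or search
                    // we have to merge the theme templates with the custom private templates (which are defined in the DB)
                    // as we don't expect a lot of templates, we will always return the whole dataset
                    // for this reason, paginate is useless
                    // NOTE(review): the sort column and direction come straight from the request; confirm
                    // template::search() validates them before they reach any SQL ORDER BY clause.
                    $orderby = $_REQUEST['sidx'] . ' ' . $_REQUEST['sord'];
                    if (isset($_REQUEST['quicksearch'])) {
                        $dataset = template::search($orderby, array('quicksearch' => $_REQUEST['quicksearch']));
                    } else {
                        $dataset = template::search($orderby);
                    }
                    $total = count($dataset);
                    $out = array();
                    $permissions = array(0 => '<img src="img/icons/silk/world.png" align="absmiddle" /> ' . t(69, 'Published'), 1 => '<img src="img/icons/silk/world_dawn.png" align="absmiddle" /> ' . t(70, 'Private'), 2 => '<img src="img/icons/silk/world_night.png" align="absmiddle" /> ' . t(81, 'Hidden'));
                    if (empty($dataset)) {
                        $rows = 0;
                    } else {
                        $rows = count($dataset);
                    }
                    for ($i = 0; $i < $rows; $i++) {
                        $out[$i] = array(0 => $dataset[$i]['id'], 1 => $dataset[$i]['title'], 2 => $dataset[$i]['theme'], 3 => $permissions[$dataset[$i]['permission']], 4 => $dataset[$i]['enabled'] == 1 ? '<img src="img/icons/silk/accept.png" />' : '<img src="img/icons/silk/cancel.png" />');
                    }
                    navitable::jqgridJson($out, 1, 0, PHP_INT_MAX, $total);
                    break;
            }
            core_terminate();
            break;
        case 'load':
        case 2:
            // edit/new form
            if (!empty($_REQUEST['id'])) {
                if (is_numeric($_REQUEST['id'])) {
                    $item->load(intval($_REQUEST['id']));
                } else {
                    $item->load_from_theme($_REQUEST['id']);
                }
            }
            if (isset($_REQUEST['form-sent'])) {
                $item->load_from_post();
                try {
                    $item->save();
                    if (!empty($_REQUEST['property-enabled'])) {
                        $enableds = array_values($_REQUEST['property-enabled']);
                    } else {
                        $enableds = array();
                    }
                    property::reorder("template", $item->id, $_REQUEST['template-properties-order'], $enableds);
                    $layout->navigate_notification(t(53, "Data saved successfully."), false, false, 'fa fa-check');
                } catch (Exception $e) {
                    $layout->navigate_notification($e->getMessage(), true, true);
                }
                // NOTE(review): the whole request is stored in the activity log; make sure no
                // sensitive field travels with this form.
                users_log::action($_REQUEST['fid'], $item->id, 'save', $item->title, json_encode($_REQUEST));
            } else {
                users_log::action($_REQUEST['fid'], $item->id, 'load', $item->title);
            }
            $out = templates_form($item);
            break;
        case 'save_template_file':
            // save template html
            if (!empty($_REQUEST['id'])) {
                $item->load(intval($_REQUEST['id']));
            }
            $data = $_REQUEST['templates-file-edit-area'];
            // NOTE(review): this turns CRLF into a bare CR; "\n" may have been intended — confirm
            $data = str_replace("\r\n", "\r", $data);
            // the file name is stored data concatenated into a path: only write when the
            // resolved parent folder is the website's templates folder or lies below it
            $templates_dir = realpath(NAVIGATE_PRIVATE . '/' . $website->id . '/templates');
            $target = NAVIGATE_PRIVATE . '/' . $website->id . '/templates/' . $item->file;
            $target_dir = realpath(dirname($target));
            $x = false;
            if (!empty($item->file) && $templates_dir !== false && $target_dir !== false && strpos($target_dir . DIRECTORY_SEPARATOR, $templates_dir . DIRECTORY_SEPARATOR) === 0) {
                $x = file_put_contents($target, $data);
            }
            echo json_encode($x > 0);
            session_write_close();
            exit;
            break;
        case 4:
            // remove
            if (!empty($_REQUEST['id'])) {
                $item->load(intval($_REQUEST['id']));
                if ($item->delete() > 0) {
                    $layout->navigate_notification(t(55, 'Item removed successfully.'), false);
                    $out = templates_list();
                } else {
                    $layout->navigate_notification(t(56, 'Unexpected error.'), false);
                    // stay in this module: the previous call pointed at the web dictionary list
                    $out = templates_list();
                }
                // action name first, title second, as in the 'save' and 'load' log calls
                users_log::action($_REQUEST['fid'], $item->id, 'remove', $item->title);
            }
            break;
        case 'template_property_load':
            $property = new property();
            if (!empty($_REQUEST['id'])) {
                if (is_numeric($_REQUEST['id'])) {
                    $property->load(intval($_REQUEST['id']));
                } else {
                    $property->load_from_theme($_REQUEST['id'], null, 'template', $_REQUEST['template']);
                }
            }
            header('Content-type: text/json');
            $types = property::types();
            $property->type_text = $types[$property->type];
            echo json_encode($property);
            session_write_close();
            exit;
            break;
        case 'template_property_save':
            // save property details
            $property = new property();
            if (!empty($_REQUEST['property-id'])) {
                $property->load(intval($_REQUEST['property-id']));
            }
            $property->load_from_post();
            $property->save();
            header('Content-type: text/json');
            $types = property::types();
            $property->type_text = $types[$property->type];
            echo json_encode($property);
            session_write_close();
            exit;
            break;
        case 'template_property_remove':
            // remove property
            $property = new property();
            if (!empty($_REQUEST['property-id'])) {
                $property->load(intval($_REQUEST['property-id']));
            }
            // NOTE(review): delete() also runs when no property was loaded; confirm it is a no-op then
            $property->delete();
            session_write_close();
            exit;
            break;
        case 0:
            // list / search result
        default:
            $out = templates_list();
            break;
    }
    return $out;
}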